TS Gateway
mr2nut
Member Posts: 269
I've got a Virtual Server on the go to test some of the new functionality of Server 2008 for the transition exam, and came across TS Gateway. At first it seemed impressive, but then I thought, "hang on a minute, can't I just open port 3389 on the router and point to a specified Server?" I wouldn't let people RDP to my DC, but to a member Server would be fine, then with the correct credentials, across to any other DC or Servers I allow them to RDP to. From what I can see, TS Gateway just makes use of SSL 443 which is already open on most routers?
Comments
-
astorrs Member Posts: 3,139 ■■■■■■□□□□It makes use of HTTPS like you said, but it's more than just access to the one server. Using the 6.x version of the RDP client you give it the address of the TS Gateway on the Advanced tab and enter all the other credentials/servername as normal and it proxies the connection through the TS Gateway server directly to the server you are trying to connect to. The other computer sees the traffic as coming from the TS Gateway so you don't have to relax security, etc. to use it.
I use it at home so I can remotely connect to my ESX environment from anywhere in the world without RDPing into something first. -
mr2nut Member Posts: 269It makes use of HTTPS like you said, but it's more than just access to the one server. Using the 6.x version of the RDP client you give it the address of the TS Gateway on the Advanced tab and enter all the other credentials/servername as normal and it proxies the connection through the TS Gateway server directly to the server you are trying to connect to. The other computer sees the traffic as coming from the TS Gateway so you don't have to relax security, etc. to use it.
I use it at home so I can remotely connect to my ESX environment from anywhere in the world without RDPing into something first.
Ahhh, I get the use for it now. For example, if I set up a port in my router to point port 3389 at a specific Server, you then can't create another rule to point the same port at another Server (obviously!) So RDP 6 essentially gives you a 'gateway' Server (as per the name) and then the front page of RDP to type the local IP/hostname of the Server you need.
Fair does, think i'll have to set this up tomorrow. Cheers for that -
astorrs Member Posts: 3,139 ■■■■■■□□□□Ahhh, I get the use for it now. For example, if I set up a port in my router to point port 3389 at a specific Server, you then can't create another rule to point the same port at another Server (obviously!) So RDP 6 essentially gives you a 'gateway' Server (as per the name) and then the front page of RDP to type the local IP/hostname of the Server you need.
Fair does, think i'll have to set this up tomorrow. Cheers for that -
mr2nut Member Posts: 269Ive got it installed fine and working on the lan but he you could forward that info on to take a look at anyway id appreciate it man.
-
astorrs Member Posts: 3,139 ■■■■■■□□□□Ive got it installed fine and working on the lan but he you could forward that info on to take a look at anyway id appreciate it man.
-
mr2nut Member Posts: 269If you've got it working and certificates issued, etc you should be fine. There were a few blog posts/articles I had saved that covered setup/config (which you seem to be past).
I've got it working internally but i'm guessing it won't use certs at this point. Need to try it externally. I did install CA and create a key in the installation so hopefully it should work fine.