Ts +fw


    I need to set up a 2008 TS server, inside a 2003 domain, that will allow domain users to open an RDP from it to other servers, in different subnets (not inside the same domain).
    I want the option to allow only user X to open RDP to server 1.2.3, and user Y to RDP only to server 5.6.7.
    Again, the servers (targets) are located in different subnets, but all have the same user name / password.
    Can it be done? (A FW or IPsec filter that can open an RDP connection from inside the server (same source) to other servers?)


  • #2
    Re: Ts +fw

    Better way to do it is to add the permitted users to the Remote Desktop Users local group on the target TS server.

    You can also use a TS Gateway server and set up the CAP/RAP policies for your users. This works over SSL so you probably won't need to touch the firewall. Otherwise you need port 3389 open on the firewall between subnets.


    • #3
      Re: Ts +fw

      This is the problem.
      The target servers have only one and the same user/pass. I cannot add or edit it.
      I must find a way for the LAN domain users that RDP into the TS2008 server to RDP to a specific IP address only.
      I need a FW or other filter/rule (maybe ISA Server?) that can grant RDP access to users that are logged in.


      • #4
        Re: Ts +fw

        I do not see at the moment what you need the 2008 Server for, but you can add userX and userY to the Remote Desktop Users group of the 2008 Server and edit their profiles (by using GPOs from the domain) in such a manner that the only thing they can run is an RDP connection to their specific server: on userX's desktop he will have an RDC to server 1.2.3, and userY will find an RDC to 5.6.7. Not nice, not even elegant, but it is what you asked for.

        Sorin Solomon

        In order to succeed, your desire for success should be greater than your fear of failure.