Announcement

Collapse
No announcement yet.

Ts/rdp

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Ts/rdp

    Hi all,



    What are your recommendation on allowing RDP/TS access to a terminal server. Should RDP users have to connect a VPN first then run the RDP over the VPN. Or allow them access via WAN ip address/FQDN with port forwarding of RDP/TS port(3389)

    This question relates to Server 2003/08 TS in a domain setup using a hardware firewall within a company environment.

    Regards
    Mark Jones

  • #2
    Re: Ts/rdp

    It's best practices against cost really. RDP had a flaw recently so direct exposure is very risky. You could use certificates to authorise access to the server if you need to publish it directly, maybe even change the port so the users need to type name:1234.
    Obviously sitting it behind a secure front-end is the safest way.
    cheers
    Andy

    Please read this before you post:


    Quis custodiet ipsos custodes?

    Comment


    • #3
      Re: Ts/rdp

      VPN will be more secure. Also look at using a RDP Gateway as it will encrypt everything over HTTPS.
      http://technet.microsoft.com/en-us/l.../cc731150.aspx
      Regards,
      Jeremy

      Network Consultant/Engineer
      Baltimore - Washington area and beyond
      www.gma-cpa.com

      Comment

      Working...
      X