RDP over SSL ?

This topic contains 8 replies, has 4 voices, and was last updated by Avatar ASS-Ware 11 years, 5 months ago.

Viewing 9 posts - 1 through 9 (of 9 total)
  • Author
    Posts
  • Avatar
    ASS-Ware
    Member
    #132832

    I have set up an SBS 2003 R2 SP2 system in my own office.
    I have run all the needed wizzards.
    I have bought a nice SSL certificate.
    All is working well.

    Let’s assume I only have ports 25 and 443 open and they are redirected to my SBS server.

    Is it possible to “tunnel” RDP traffic through SSL using port 443 so I can use RDP to connect to my server from the internet ?

    I know RDP is already encrypted, but that’s not why I ask this.
    At 2 of my clients port 3389 is blocked (in and out) and I would like to connect through 443, which is open.

    Avatar
    PaulH
    Member
    #294502

    Re: RDP over SSL ?

    You can change the port RDP is listening on, see http://support.microsoft.com/kb/306759 and you can change the port the client uses for RDP (which obviously must also change) by adding colon (:) port number at the end of the IP address that you are running mstsc on.

    However, if the server is already listening on 443 for other things, such as OWA, you will have troubles with two services listening on the same port, so I think you should open up a new, different port on your customer’s router to handle RDP traffic.

    Altrernatively, are you able to join their VPN and then RDP to a local IP address? This may be a better option and sidesteps the issue.

    I realise the above is not the perfect answer, but I hope it helps somewhat.

    Avatar
    ASS-Ware
    Member
    #318745

    Re: RDP over SSL ?

    PaulH;107974 wrote:
    You can change the port RDP is listening on, see http://support.microsoft.com/kb/306759 and you can change the port the client uses for RDP (which obviously must also change) by adding colon (:) port number at the end of the IP address that you are running mstsc on.

    However, if the server is already listening on 443 for other things, such as OWA, you will have troubles with two services listening on the same port, so I think you should open up a new, different port on your customer’s router to handle RDP traffic.

    Altrernatively, are you able to join their VPN and then RDP to a local IP address? This may be a better option and sidesteps the issue.

    I realise the above is not the perfect answer, but I hope it helps somewhat.

    Thanks, but this won’t help.

    They do protocol filtering as well, so even if I change the port, that won’t change a bit.
    VPN’s are not going through the proxy, bummer.
    If there would be a way to let it go through SSL, they would not see the RDP protocol.

    Thanks anyway.

    Avatar
    teiger
    Member
    #229920

    Re: RDP over SSL ?

    Use RWW! It is based on 443 and can be set up for you OUT OF THE BOX if you UTFW!
    See http://www.sbsfaq.com/Lists/FAQs/DispForm.aspx?ID=11 for more details.

    Avatar
    Lior_S
    Member
    #282706

    Re: RDP over SSL ?

    teiger;107988 wrote:
    Use RWW! It is based on 443 and can be set up for you OUT OF THE BOX if you UTFW!
    See http://www.sbsfaq.com/Lists/FAQs/DispForm.aspx?ID=11 for more details.

    :confused: what about port 4125? do you not need that open for it to work?

    Avatar
    ASS-Ware
    Member
    #318747

    Re: RDP over SSL ?

    teiger;107988 wrote:
    Use RWW! It is based on 443 and can be set up for you OUT OF THE BOX if you UTFW!
    See http://www.sbsfaq.com/Lists/FAQs/DispForm.aspx?ID=11 for more details.

    Yes that works perfectly, but works over port 4125.
    Would that not be blocked by most proxies ?
    And what protocol travels over port 4125 ?

    Avatar
    teiger
    Member
    #229921

    Re: RDP over SSL ?

    Yes the remote firewall needs 4125 open (next to the SBS) but nothing else uses that port and it is only opened dynamically if you read the link.

    Avatar
    ASS-Ware
    Member
    #318748

    Re: RDP over SSL ?

    teiger;108049 wrote:
    Yes the remote firewall needs 4125 open (next to the SBS) but nothing else uses that port and it is only opened dynamically if you read the link.

    I assume that there will be traffic from my PC that is supposed to go through the proxy to my SBS server over port 4125.
    Am I wrong ?
    Why else do I have to open that port ?

    Avatar
    ASS-Ware
    Member
    #318749

    Re: RDP over SSL ?

    teiger;107988 wrote:
    Use RWW! It is based on 443 and can be set up for you OUT OF THE BOX if you UTFW!
    See http://www.sbsfaq.com/Lists/FAQs/DispForm.aspx?ID=11 for more details.

    It works from almost everywhere, but not from where I am today.
    SSL works, I can log on to RWW, but when I try to connect to a PC, IE says it can’t find it.
    Bummer.

Viewing 9 posts - 1 through 9 (of 9 total)

You must be logged in to reply to this topic.