ISA 2006 and remote desktop web connection

[Guest SDavis]

Hello there,

 

I am running ISA 2006 STD on a Windows 2003 R2 w/sp2 STD server that is

sitting behind a Cisco PIX firewall. Before the PIX security settings were

implemented it was allowing traffic via port 443 and port 3389 through. This

allowed users via MSIE from the outside to authenticate through the ISA

server which would allow access to a dedicated terminal server which they

could log into. Now the only access the Cisco PIX firewall is via port 443.

When this happened the users could still authenticate in through the ISA

server and access the Remote Desktop Web Connection page, type in the name of

the server and click on connect, however at the next screen where the remote

desktop is supposed to be displayed it times out with an error message

stating something to the effect that the session could not be established due

to an issue with the network.

 

So the question is what needs to happen to allow Remote Desktop Web

connection to function with the current PIX firewall restrictions in place?

 

Thanks,

[Guest TP]

Re: ISA 2006 and remote desktop web connection

 

Hello,

 

The remote desktop activex client communicates using port 3389

by default. Your PIX is blocking this port and thus prevents

remote desktop from connecting.

 

To use *only* port 443 you need some sort of SSL VPN product

to tunnel the RDP traffic, or use TS Gateway which will be included

with Server 2008. You can download and install the Beta version

of Server 2008 if you are interested.

 

-TP

 

SDavis wrote:

> Hello there,

>

> I am running ISA 2006 STD on a Windows 2003 R2 w/sp2 STD server that

> is sitting behind a Cisco PIX firewall. Before the PIX security

> settings were implemented it was allowing traffic via port 443 and

> port 3389 through. This allowed users via MSIE from the outside to

> authenticate through the ISA server which would allow access to a

> dedicated terminal server which they could log into. Now the only

> access the Cisco PIX firewall is via port 443. When this happened the

> users could still authenticate in through the ISA server and access

> the Remote Desktop Web Connection page, type in the name of the

> server and click on connect, however at the next screen where the

> remote desktop is supposed to be displayed it times out with an error

> message stating something to the effect that the session could not be

> established due to an issue with the network.

>

> So the question is what needs to happen to allow Remote Desktop Web

> connection to function with the current PIX firewall restrictions in

> place?

>

> Thanks,