Terminal Server with 2 NIC's

December 3, 2007

Hello,

I have a member server on a SBS 2003 network that is a terminal server. I

added a second network card to the Terminal Server and purchased a public IP

so that our remote employees can log into it from the internet on this

second network card without having to create a VPN through our SBS server

and generate more traffic on our internal network. When I configure the

second NIC with the public ip and try to input the Default Gateway that was

provided to me by my ISP, i get the error:

Warning - Multiple default gateways are intended to provide redundancy to a

single network(such as an intranet or internet). They will not fumction

properly when the gateways are on two separate, disjoint networks(such as

one on your intranet and one on the internet). Do you want to save this

configuration?

Is what i am trying to do not a valid configuration?

Thanks

TR

December 3, 2007

Re: Terminal Server with 2 NIC's

TR wrote:

> Hello,

>

> I have a member server on a SBS 2003 network that is a terminal server. I

> added a second network card to the Terminal Server and purchased a public IP

> so that our remote employees can log into it from the internet on this

> second network card without having to create a VPN through our SBS server

> and generate more traffic on our internal network. When I configure the

> second NIC with the public ip and try to input the Default Gateway that was

> provided to me by my ISP, i get the error:

> Warning - Multiple default gateways are intended to provide redundancy to a

> single network(such as an intranet or internet). They will not fumction

> properly when the gateways are on two separate, disjoint networks(such as

> one on your intranet and one on the internet). Do you want to save this

> configuration?

>

> Is what i am trying to do not a valid configuration?

>

> Thanks

>

> TR

>

Ack!!! What you are trying to do is opening the door to hackers!!! Your

serve ris now a gateway into your network!! Never, ever, put a server on

an internal network on the internet....

--

Regards,

Hank Arnold

Microsoft MVP

Windows Server - Directory Services

December 3, 2007

Re: Terminal Server with 2 NIC's

Geez Hank...

Well I am no an expert on routing. How do I give our remote employees

access to the terminal server without burdening our current SBS network with

all the VPN's and all the traffic they generate on the internal network.

If the only thing i have enabled on this TERMINAL nic is TCP\IP and they are

using RDP which is supposedly encrypted, how do i set this up?

Thanks

TR

"Hank Arnold (MVP)" <rasilon@aol.com> wrote in message

news:O07iPQZNIHA.2376@TK2MSFTNGP02.phx.gbl...

> TR wrote:

>> Hello,

>>

>> I have a member server on a SBS 2003 network that is a terminal server.

>> I added a second network card to the Terminal Server and purchased a

>> public IP so that our remote employees can log into it from the internet

>> on this second network card without having to create a VPN through our

>> SBS server and generate more traffic on our internal network. When I

>> configure the second NIC with the public ip and try to input the Default

>> Gateway that was provided to me by my ISP, i get the error:

>> Warning - Multiple default gateways are intended to provide redundancy to

>> a single network(such as an intranet or internet). They will not fumction

>> properly when the gateways are on two separate, disjoint networks(such as

>> one on your intranet and one on the internet). Do you want to save this

>> configuration?

>>

>> Is what i am trying to do not a valid configuration?

>>

>> Thanks

>>

>> TR

>>

> Ack!!! What you are trying to do is opening the door to hackers!!! Your

> serve ris now a gateway into your network!! Never, ever, put a server on

> an internal network on the internet....

>

> --

>

> Regards,

> Hank Arnold

> Microsoft MVP

> Windows Server - Directory Services

December 3, 2007

Re: Terminal Server with 2 NIC's

First of all, I agree with Hank that you are taking a big risk.

It doesn't matter that rdp is encrypted, because your TS is open

for logon attempts from the Internet, and all it needs is just one

single user account with a weak password and you're hacked.

So I would definitively set your users up with a VPN connection, or

SSH, directly to the TS (doesn't have to go through the SBS 2003

server).

That said, to answer your original question: I believe that you

need to manually configure your Windows routing tables, using the

route.exe command. Only one NIC should have a default gateway

assigned through the GUI.

_________________________________________________________

Vera Noest

MCSE, CCEA, Microsoft MVP - Terminal Server

TS troubleshooting: http://ts.veranoest.net

___ please respond in newsgroup, NOT by private email ___

"TR" <TR@somehwere.com> wrote on 03 dec 2007 in

microsoft.public.windows.terminal_services:

>

> Geez Hank...

>

> Well I am no an expert on routing. How do I give our remote

> employees access to the terminal server without burdening our

> current SBS network with all the VPN's and all the traffic they

> generate on the internal network.

>

> If the only thing i have enabled on this TERMINAL nic is TCP\IP

> and they are using RDP which is supposedly encrypted, how do i

> set this up?

>

> Thanks

> TR

>

> "Hank Arnold (MVP)" <rasilon@aol.com> wrote in message

> news:O07iPQZNIHA.2376@TK2MSFTNGP02.phx.gbl...

>> TR wrote:

>>> Hello,

>>>

>>> I have a member server on a SBS 2003 network that is a

>>> terminal server. I added a second network card to the Terminal

>>> Server and purchased a public IP so that our remote employees

>>> can log into it from the internet on this second network card

>>> without having to create a VPN through our SBS server and

>>> generate more traffic on our internal network. When I

>>> configure the second NIC with the public ip and try to input

>>> the Default Gateway that was provided to me by my ISP, i get

>>> the error: Warning - Multiple default gateways are intended to

>>> provide redundancy to a single network(such as an intranet or

>>> internet). They will not fumction properly when the gateways

>>> are on two separate, disjoint networks(such as one on your

>>> intranet and one on the internet). Do you want to save this

>>> configuration?

>>>

>>> Is what i am trying to do not a valid configuration?

>>>

>>> Thanks

>>>

>>> TR

>>>

>> Ack!!! What you are trying to do is opening the door to

>> hackers!!! Your serve ris now a gateway into your network!!

>> Never, ever, put a server on an internal network on the

>> internet....

>>

>> --

>>

>> Regards,

>> Hank Arnold

>> Microsoft MVP

>> Windows Server - Directory Services

December 4, 2007

Re: Terminal Server with 2 NIC's

Hi Vera,

I am not familiar with SSH. Is this something I would setup directly on the

TERMINAL server? Is SSH an open source product? We are having the remote

people use VPN now, but the VPN's are created through the SBS2003 box and

this is generating alot of traffic on our local lan. Hence my idea about the

second network card directly on the TERMINAL server itself with a public IP.

thanks

TR

"Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote in message

news:Xns99FBE2B9BBCFAveranoesthemutforsse@207.46.248.16...

> First of all, I agree with Hank that you are taking a big risk.

> It doesn't matter that rdp is encrypted, because your TS is open

> for logon attempts from the Internet, and all it needs is just one

> single user account with a weak password and you're hacked.

> So I would definitively set your users up with a VPN connection, or

> SSH, directly to the TS (doesn't have to go through the SBS 2003

> server).

>

> That said, to answer your original question: I believe that you

> need to manually configure your Windows routing tables, using the

> route.exe command. Only one NIC should have a default gateway

> assigned through the GUI.

> _________________________________________________________

> Vera Noest

> MCSE, CCEA, Microsoft MVP - Terminal Server

> TS troubleshooting: http://ts.veranoest.net

> ___ please respond in newsgroup, NOT by private email ___

>

> "TR" <TR@somehwere.com> wrote on 03 dec 2007 in

> microsoft.public.windows.terminal_services:

>

>>

>> Geez Hank...

>>

>> Well I am no an expert on routing. How do I give our remote

>> employees access to the terminal server without burdening our

>> current SBS network with all the VPN's and all the traffic they

>> generate on the internal network.

>>

>> If the only thing i have enabled on this TERMINAL nic is TCP\IP

>> and they are using RDP which is supposedly encrypted, how do i

>> set this up?

>>

>> Thanks

>> TR

>>

>> "Hank Arnold (MVP)" <rasilon@aol.com> wrote in message

>> news:O07iPQZNIHA.2376@TK2MSFTNGP02.phx.gbl...

>>> TR wrote:

>>>> Hello,

>>>>

>>>> I have a member server on a SBS 2003 network that is a

>>>> terminal server. I added a second network card to the Terminal

>>>> Server and purchased a public IP so that our remote employees

>>>> can log into it from the internet on this second network card

>>>> without having to create a VPN through our SBS server and

>>>> generate more traffic on our internal network. When I

>>>> configure the second NIC with the public ip and try to input

>>>> the Default Gateway that was provided to me by my ISP, i get

>>>> the error: Warning - Multiple default gateways are intended to

>>>> provide redundancy to a single network(such as an intranet or

>>>> internet). They will not fumction properly when the gateways

>>>> are on two separate, disjoint networks(such as one on your

>>>> intranet and one on the internet). Do you want to save this

>>>> configuration?

>>>>

>>>> Is what i am trying to do not a valid configuration?

>>>>

>>>> Thanks

>>>>

>>>> TR

>>>>

>>> Ack!!! What you are trying to do is opening the door to

>>> hackers!!! Your serve ris now a gateway into your network!!

>>> Never, ever, put a server on an internal network on the

>>> internet....

>>>

>>> --

>>>

>>> Regards,

>>> Hank Arnold

>>> Microsoft MVP

>>> Windows Server - Directory Services

December 4, 2007

Re: Terminal Server with 2 NIC's

I'm absolutely no networking specialist, but yes, you could setup

your TS as a SSH host (others will jump in if this is not good

practice, I hope).

Here's a short explanation about SSH, what it does and how it

works:

http://en.wikipedia.org/wiki/Ssh

I'm a bit puzzled about the heavy rdp traffic that you see on your

network, though. How many concurrent sessions do you have on your

TS? What are these users doing on your TS that takes so much

bandwidth?

_________________________________________________________

Vera Noest

MCSE, CCEA, Microsoft MVP - Terminal Server

TS troubleshooting: http://ts.veranoest.net

___ please respond in newsgroup, NOT by private email ___

"TR" <TR@somehwere.com> wrote on 04 dec 2007 in

microsoft.public.windows.terminal_services:

> Hi Vera,

>

> I am not familiar with SSH. Is this something I would setup

> directly on the TERMINAL server? Is SSH an open source product?

> We are having the remote people use VPN now, but the VPN's are

> created through the SBS2003 box and this is generating alot of

> traffic on our local lan. Hence my idea about the second network

> card directly on the TERMINAL server itself with a public IP.

>

> thanks

> TR

>

> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote

> in message

> news:Xns99FBE2B9BBCFAveranoesthemutforsse@207.46.248.16...

>> First of all, I agree with Hank that you are taking a big risk.

>> It doesn't matter that rdp is encrypted, because your TS is

>> open for logon attempts from the Internet, and all it needs is

>> just one single user account with a weak password and you're

>> hacked. So I would definitively set your users up with a VPN

>> connection, or SSH, directly to the TS (doesn't have to go

>> through the SBS 2003 server).

>>

>> That said, to answer your original question: I believe that you

>> need to manually configure your Windows routing tables, using

>> the route.exe command. Only one NIC should have a default

>> gateway assigned through the GUI.

>> _________________________________________________________

>> Vera Noest

>> MCSE, CCEA, Microsoft MVP - Terminal Server

>> TS troubleshooting: http://ts.veranoest.net

>> ___ please respond in newsgroup, NOT by private email ___

>>

>> "TR" <TR@somehwere.com> wrote on 03 dec 2007 in

>> microsoft.public.windows.terminal_services:

>>

>>>

>>> Geez Hank...

>>>

>>> Well I am no an expert on routing. How do I give our remote

>>> employees access to the terminal server without burdening our

>>> current SBS network with all the VPN's and all the traffic

>>> they generate on the internal network.

>>>

>>> If the only thing i have enabled on this TERMINAL nic is

>>> TCP\IP and they are using RDP which is supposedly encrypted,

>>> how do i set this up?

>>>

>>> Thanks

>>> TR

>>>

>>> "Hank Arnold (MVP)" <rasilon@aol.com> wrote in message

>>> news:O07iPQZNIHA.2376@TK2MSFTNGP02.phx.gbl...

>>>> TR wrote:

>>>>> Hello,

>>>>>

>>>>> I have a member server on a SBS 2003 network that is a

>>>>> terminal server. I added a second network card to the

>>>>> Terminal Server and purchased a public IP so that our remote

>>>>> employees can log into it from the internet on this second

>>>>> network card without having to create a VPN through our SBS

>>>>> server and generate more traffic on our internal network.

>>>>> When I configure the second NIC with the public ip and try

>>>>> to input the Default Gateway that was provided to me by my

>>>>> ISP, i get the error: Warning - Multiple default gateways

>>>>> are intended to provide redundancy to a single network(such

>>>>> as an intranet or internet). They will not fumction properly

>>>>> when the gateways are on two separate, disjoint

>>>>> networks(such as one on your intranet and one on the

>>>>> internet). Do you want to save this configuration?

>>>>>

>>>>> Is what i am trying to do not a valid configuration?

>>>>>

>>>>> Thanks

>>>>>

>>>>> TR

>>>>>

>>>> Ack!!! What you are trying to do is opening the door to

>>>> hackers!!! Your serve ris now a gateway into your network!!

>>>> Never, ever, put a server on an internal network on the

>>>> internet....

>>>>

>>>> --

>>>>

>>>> Regards,

>>>> Hank Arnold

>>>> Microsoft MVP

>>>> Windows Server - Directory Services

December 8, 2007

Re: Terminal Server with 2 NIC's

Hi Vera,

Thanks for the input. We have approximately between 10 and 15 remote

employees accessing our TERMINAL at any time. They use the basic Office

package, Word, Excel, Outlook, the Shared Fax service of SBS and a web based

propietary medical claims database system that resides on another internal

member server. I may need to do some more investigating to determine

whether it really is our remotes that are generating all the traffic, but

they are the only ones complaining right now.

TR

"Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote in message

news:Xns99FCE0ADA41EEveranoesthemutforsse@207.46.248.16...

> I'm absolutely no networking specialist, but yes, you could setup

> your TS as a SSH host (others will jump in if this is not good

> practice, I hope).

>

> Here's a short explanation about SSH, what it does and how it

> works:

> http://en.wikipedia.org/wiki/Ssh

>

> I'm a bit puzzled about the heavy rdp traffic that you see on your

> network, though. How many concurrent sessions do you have on your

> TS? What are these users doing on your TS that takes so much

> bandwidth?

> _________________________________________________________

> Vera Noest

> MCSE, CCEA, Microsoft MVP - Terminal Server

> TS troubleshooting: http://ts.veranoest.net

> ___ please respond in newsgroup, NOT by private email ___

>

> "TR" <TR@somehwere.com> wrote on 04 dec 2007 in

> microsoft.public.windows.terminal_services:

>

>> Hi Vera,

>>

>> I am not familiar with SSH. Is this something I would setup

>> directly on the TERMINAL server? Is SSH an open source product?

>> We are having the remote people use VPN now, but the VPN's are

>> created through the SBS2003 box and this is generating alot of

>> traffic on our local lan. Hence my idea about the second network

>> card directly on the TERMINAL server itself with a public IP.

>>

>> thanks

>> TR

>>

>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote

>> in message

>> news:Xns99FBE2B9BBCFAveranoesthemutforsse@207.46.248.16...

>>> First of all, I agree with Hank that you are taking a big risk.

>>> It doesn't matter that rdp is encrypted, because your TS is

>>> open for logon attempts from the Internet, and all it needs is

>>> just one single user account with a weak password and you're

>>> hacked. So I would definitively set your users up with a VPN

>>> connection, or SSH, directly to the TS (doesn't have to go

>>> through the SBS 2003 server).

>>>

>>> That said, to answer your original question: I believe that you

>>> need to manually configure your Windows routing tables, using

>>> the route.exe command. Only one NIC should have a default

>>> gateway assigned through the GUI.

>>> _________________________________________________________

>>> Vera Noest

>>> MCSE, CCEA, Microsoft MVP - Terminal Server

>>> TS troubleshooting: http://ts.veranoest.net

>>> ___ please respond in newsgroup, NOT by private email ___

>>>

>>> "TR" <TR@somehwere.com> wrote on 03 dec 2007 in

>>> microsoft.public.windows.terminal_services:

>>>

>>>>

>>>> Geez Hank...

>>>>

>>>> Well I am no an expert on routing. How do I give our remote

>>>> employees access to the terminal server without burdening our

>>>> current SBS network with all the VPN's and all the traffic

>>>> they generate on the internal network.

>>>>

>>>> If the only thing i have enabled on this TERMINAL nic is

>>>> TCP\IP and they are using RDP which is supposedly encrypted,

>>>> how do i set this up?

>>>>

>>>> Thanks

>>>> TR

>>>>

>>>> "Hank Arnold (MVP)" <rasilon@aol.com> wrote in message

>>>> news:O07iPQZNIHA.2376@TK2MSFTNGP02.phx.gbl...

>>>>> TR wrote:

>>>>>> Hello,

>>>>>>

>>>>>> I have a member server on a SBS 2003 network that is a

>>>>>> terminal server. I added a second network card to the

>>>>>> Terminal Server and purchased a public IP so that our remote

>>>>>> employees can log into it from the internet on this second

>>>>>> network card without having to create a VPN through our SBS

>>>>>> server and generate more traffic on our internal network.

>>>>>> When I configure the second NIC with the public ip and try

>>>>>> to input the Default Gateway that was provided to me by my

>>>>>> ISP, i get the error: Warning - Multiple default gateways

>>>>>> are intended to provide redundancy to a single network(such

>>>>>> as an intranet or internet). They will not fumction properly

>>>>>> when the gateways are on two separate, disjoint

>>>>>> networks(such as one on your intranet and one on the

>>>>>> internet). Do you want to save this configuration?

>>>>>>

>>>>>> Is what i am trying to do not a valid configuration?

>>>>>>

>>>>>> Thanks

>>>>>>

>>>>>> TR

>>>>>>

>>>>> Ack!!! What you are trying to do is opening the door to

>>>>> hackers!!! Your serve ris now a gateway into your network!!

>>>>> Never, ever, put a server on an internal network on the

>>>>> internet....

>>>>>

>>>>> --

>>>>>

>>>>> Regards,

>>>>> Hank Arnold

>>>>> Microsoft MVP

>>>>> Windows Server - Directory Services

December 8, 2007

Re: Terminal Server with 2 NIC's

Aaah, but *complaining* about performance doesn't mean that these

users are actually *causing* the performance problems!

Unless these users are printing heavily, it would amaze me if they

could saturate your internal network.

What is the bandwidth and latency of the connection these remote

users are connecting through?

This might also be helpful:

How can I measure RDP bandwidth usage?

http://ts.veranoest.net/ts_faq_administration.htm#monitor_bandwidth

_________________________________________________________

Vera Noest

MCSE, CCEA, Microsoft MVP - Terminal Server

TS troubleshooting: http://ts.veranoest.net

___ please respond in newsgroup, NOT by private email ___

"TR" <TR@somehwere.com> wrote on 09 dec 2007 in

microsoft.public.windows.terminal_services:

> Hi Vera,

>

> Thanks for the input. We have approximately between 10 and 15

> remote employees accessing our TERMINAL at any time. They use

> the basic Office package, Word, Excel, Outlook, the Shared Fax

> service of SBS and a web based propietary medical claims

> database system that resides on another internal member server.

> I may need to do some more investigating to determine whether it

> really is our remotes that are generating all the traffic, but

> they are the only ones complaining right now.

>

> TR

>

> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote

> in message

> news:Xns99FCE0ADA41EEveranoesthemutforsse@207.46.248.16...

>> I'm absolutely no networking specialist, but yes, you could

>> setup your TS as a SSH host (others will jump in if this is not

>> good practice, I hope).

>>

>> Here's a short explanation about SSH, what it does and how it

>> works:

>> http://en.wikipedia.org/wiki/Ssh

>>

>> I'm a bit puzzled about the heavy rdp traffic that you see on

>> your network, though. How many concurrent sessions do you have

>> on your TS? What are these users doing on your TS that takes so

>> much bandwidth?

>> _________________________________________________________

>> Vera Noest

>> MCSE, CCEA, Microsoft MVP - Terminal Server

>> TS troubleshooting: http://ts.veranoest.net

>> ___ please respond in newsgroup, NOT by private email ___

>>

>> "TR" <TR@somehwere.com> wrote on 04 dec 2007 in

>> microsoft.public.windows.terminal_services:

>>

>>> Hi Vera,

>>>

>>> I am not familiar with SSH. Is this something I would setup

>>> directly on the TERMINAL server? Is SSH an open source

>>> product? We are having the remote people use VPN now, but the

>>> VPN's are created through the SBS2003 box and this is

>>> generating alot of traffic on our local lan. Hence my idea

>>> about the second network card directly on the TERMINAL server

>>> itself with a public IP.

>>>

>>> thanks

>>> TR

>>>

>>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se>

>>> wrote in message

>>> news:Xns99FBE2B9BBCFAveranoesthemutforsse@207.46.248.16...

>>>> First of all, I agree with Hank that you are taking a big

>>>> risk. It doesn't matter that rdp is encrypted, because your

>>>> TS is open for logon attempts from the Internet, and all it

>>>> needs is just one single user account with a weak password

>>>> and you're hacked. So I would definitively set your users up

>>>> with a VPN connection, or SSH, directly to the TS (doesn't

>>>> have to go through the SBS 2003 server).

>>>>

>>>> That said, to answer your original question: I believe that

>>>> you need to manually configure your Windows routing tables,

>>>> using the route.exe command. Only one NIC should have a

>>>> default gateway assigned through the GUI.

>>>> _________________________________________________________

>>>> Vera Noest

>>>> MCSE, CCEA, Microsoft MVP - Terminal Server

>>>> TS troubleshooting: http://ts.veranoest.net

>>>> ___ please respond in newsgroup, NOT by private email ___

>>>>

>>>> "TR" <TR@somehwere.com> wrote on 03 dec 2007 in

>>>> microsoft.public.windows.terminal_services:

>>>>

>>>>>

>>>>> Geez Hank...

>>>>>

>>>>> Well I am no an expert on routing. How do I give our remote

>>>>> employees access to the terminal server without burdening

>>>>> our current SBS network with all the VPN's and all the

>>>>> traffic they generate on the internal network.

>>>>>

>>>>> If the only thing i have enabled on this TERMINAL nic is

>>>>> TCP\IP and they are using RDP which is supposedly encrypted,

>>>>> how do i set this up?

>>>>>

>>>>> Thanks

>>>>> TR

>>>>>

>>>>> "Hank Arnold (MVP)" <rasilon@aol.com> wrote in message

>>>>> news:O07iPQZNIHA.2376@TK2MSFTNGP02.phx.gbl...

>>>>>> TR wrote:

>>>>>>> Hello,

>>>>>>>

>>>>>>> I have a member server on a SBS 2003 network that is a

>>>>>>> terminal server. I added a second network card to the

>>>>>>> Terminal Server and purchased a public IP so that our

>>>>>>> remote employees can log into it from the internet on this

>>>>>>> second network card without having to create a VPN through

>>>>>>> our SBS server and generate more traffic on our internal

>>>>>>> network. When I configure the second NIC with the public

>>>>>>> ip and try to input the Default Gateway that was provided

>>>>>>> to me by my ISP, i get the error: Warning - Multiple

>>>>>>> default gateways are intended to provide redundancy to a

>>>>>>> single network(such as an intranet or internet). They will

>>>>>>> not fumction properly when the gateways are on two

>>>>>>> separate, disjoint networks(such as one on your intranet

>>>>>>> and one on the internet). Do you want to save this

>>>>>>> configuration?

>>>>>>>

>>>>>>> Is what i am trying to do not a valid configuration?

>>>>>>>

>>>>>>> Thanks

>>>>>>>

>>>>>>> TR

>>>>>>>

>>>>>> Ack!!! What you are trying to do is opening the door to

>>>>>> hackers!!! Your serve ris now a gateway into your network!!

>>>>>> Never, ever, put a server on an internal network on the

>>>>>> internet....

>>>>>>

>>>>>> --

>>>>>>

>>>>>> Regards,

>>>>>> Hank Arnold

>>>>>> Microsoft MVP

>>>>>> Windows Server - Directory Services

December 9, 2007

Re: Terminal Server with 2 NIC's

In article <#vbJR$eOIHA.5224@TK2MSFTNGP02.phx.gbl>, TR@somehwere.com

says...

> Thanks for the input. We have approximately between 10 and 15 remote

> employees accessing our TERMINAL at any time. They use the basic Office

> package, Word, Excel, Outlook, the Shared Fax service of SBS and a web based

> propietary medical claims database system that resides on another internal

> member server. I may need to do some more investigating to determine

> whether it really is our remotes that are generating all the traffic, but

> they are the only ones complaining right now.

What you should have done is purchase a Firewall Appliance that allows

for it to be a PPTP/VPN server or to allow users to authenticate with it

first - then you can allow RDP in to the T/S from their authenticated

firewall session.

We NEVER expose terminal server directly to the interet and have almost

100 users on a Dual Xeon 2.8ghz, 4GB RAM, Win 2003 Std Sp2 using Office

2003 and a nasty database application along with IE/Fire Fox - runs

smooth and we never get external traffic.

We also never let the users setup the firewall authentication and the

user/pwd is controlled by the IT Dept and the user is completely

different than their Windows user/password.

--

Leythos

- Igitur qui desiderat pacem, praeparet bellum.

- Calling an illegal alien an "undocumented worker" is like calling a

drug dealer an "unlicensed pharmacist"

spam999free@rrohio.com (remove 999 for proper email address)

December 10, 2007

Re: Terminal Server with 2 NIC's

Thanks for the input. I will take a look at the article about measuring

bandwith.

Our terminal server is currently a member server in an SBS 2003 network and

ISA 2004 handles the VPN's and the passwords.

"Leythos" <void@nowhere.lan> wrote in message

news:MPG.21c5208ae49aec5b989881@Adfree.usenet.com...

> In article <#vbJR$eOIHA.5224@TK2MSFTNGP02.phx.gbl>, TR@somehwere.com

> says...

>> Thanks for the input. We have approximately between 10 and 15 remote

>> employees accessing our TERMINAL at any time. They use the basic Office

>> package, Word, Excel, Outlook, the Shared Fax service of SBS and a web

>> based

>> propietary medical claims database system that resides on another

>> internal

>> member server. I may need to do some more investigating to determine

>> whether it really is our remotes that are generating all the traffic, but

>> they are the only ones complaining right now.

>

> What you should have done is purchase a Firewall Appliance that allows

> for it to be a PPTP/VPN server or to allow users to authenticate with it

> first - then you can allow RDP in to the T/S from their authenticated

> firewall session.

>

> We NEVER expose terminal server directly to the interet and have almost

> 100 users on a Dual Xeon 2.8ghz, 4GB RAM, Win 2003 Std Sp2 using Office

> 2003 and a nasty database application along with IE/Fire Fox - runs

> smooth and we never get external traffic.

>

> We also never let the users setup the firewall authentication and the

> user/pwd is controlled by the IT Dept and the user is completely

> different than their Windows user/password.

>

> --

>

> Leythos

> - Igitur qui desiderat pacem, praeparet bellum.

> - Calling an illegal alien an "undocumented worker" is like calling a

> drug dealer an "unlicensed pharmacist"

> spam999free@rrohio.com (remove 999 for proper email address)

Sign In

Terminal Server with 2 NIC's

Recommended Posts

Guest TR

Popular Days

Popular Days

Guest Hank Arnold (MVP)

Guest TR

Guest Vera Noest [MVP]

Guest TR

Guest Vera Noest [MVP]

Guest TR

Guest Vera Noest [MVP]

Guest Leythos

Guest TR

Similar Content

Terminal server error

Server with 2 NICs domain confusion

Unable to connect to MSSQL database when Dns servers are added to second NIC.

How to troubleshoot Terminal Server issues?

ADK and Windows 2019 Server

Browse

Activity

Site Info