Access to Terminal Servers

[Guest Candace Sparks]

Just added an additional terminal server on the network. Do not have

experience with terminal server. Now, users are connecting remotely to the

1st terminal server. How can they connect to the 2nd terminal server? I

have tried to connect remotely; I only know to type the Public IP address,

and I connect to the 1st terminal server. I do not see an option to connect

to a different server?

 

Thank you for your help in advance!

 

Candace Sparks

[Guest Vera Noest [MVP]]

Re: Access to Terminal Servers

 

Most likely, you are connecting through a firewall. This firewall

will most likely have a port rule to forward all incoming traffic

on port 3389 to the private IP number of the first Terminal Server.

 

One thing you can do is to configure the second TS to use a

different port, let's say port 3390, and create a second port rule

in your firewall, which forwards all incoming traffic on port 3390

to the second TS. Then you can connect to the second TS by

specifying the public IPnumber followed by the port number, like:

xxx.xxx.xxx.xxx:3390

 

Another solution is to create a load balanced TS cluster, and then

configure the firewall to forward all incoming traffic on port 3389

to the private IPnumber of the LB cluster. This has the advantage

that users don't have to specify a port number.

Here's more information:

 

243523 - Using Terminal Server with Windows Load Balancing Service

http://support.microsoft.com/?kbid=243523

 

323431 - How To Set Up TCP/IP for Network Load Balancing in Windows

Server 2003

http://support.microsoft.com/?kbid=323431

 

280805 - Terminal Services Client Cannot Connect to NLB Cluster

TCP/IP Address

http://support.microsoft.com/?kbid=280805

 

_________________________________________________________

Vera Noest

MCSE, CCEA, Microsoft MVP - Terminal Server

TS troubleshooting: http://ts.veranoest.net

___ please respond in newsgroup, NOT by private email ___

 

"Candace Sparks" <consultants1@comcast.net> wrote on 01 feb 2008

in microsoft.public.windows.terminal_services:

> Just added an additional terminal server on the network. Do

> not have experience with terminal server. Now, users are

> connecting remotely to the 1st terminal server. How can they

> connect to the 2nd terminal server? I have tried to connect

> remotely; I only know to type the Public IP address, and I

> connect to the 1st terminal server. I do not see an option to

> connect to a different server?

>

> Thank you for your help in advance!

>

> Candace Sparks

[Guest Patrick Rouse]

RE: Access to Terminal Servers

 

Cnances are your Terminal Servers are behind a NAT Firewall, and you have

port 3389 open to the first terminal server. To do this the way I would not

recommend, you'd need a second Public IP Address that you can have directed

to port 3389 on the second server. Alternatively you could change the

listening port for the second server to 3390, or some other port, and

continue to use one IP address.

 

That was what I would not recommend. What I would recommend is that you

access the terminal servers via SSL VPN or a SSL Reverse Proxy. This is

typically done by putting the server/appliance in the DMZ, which

intermediates the traffic from the users on the public Internet, so you only

have to open port 443 from the public Internet to the device in the DMZ, then

open port 3389 from the DMZ to the Terminal Servers.

 

Products that offer this functionality are Provision Networks Virtual Access

Suite Enterprise Edition, Citrix Presentation Server Advanced or Enterprise

Edition, 2X LoadBalancer, HobSoft JWT Enterprise and Ericom PowerTerm

Webconnect.

 

To wrap you head around what I'm describing, here is a Visio Diagram of our

solution that offers this functionality:

 

http://www.sessioncomputing.com/pdf/VAS_Architecture.pdf

 

There are plenty of SSL VPN Devices from which you can choose, one of which

is AEP Networks NSP.

 

--

Patrick C. Rouse

Microsoft MVP - Terminal Server

SE, West Coast USA & Canada

Quest Software, Provision Networks Division

Virtual Client Solutions

http://www.provisionnetworks.com

 

 

"Candace Sparks" wrote:

> Just added an additional terminal server on the network. Do not have

> experience with terminal server. Now, users are connecting remotely to the

> 1st terminal server. How can they connect to the 2nd terminal server? I

> have tried to connect remotely; I only know to type the Public IP address,

> and I connect to the 1st terminal server. I do not see an option to connect

> to a different server?

>

> Thank you for your help in advance!

>

> Candace Sparks

>

>

>