Terminal Server behind a firewall help needed

Discussion:

(too old to reply)

James

2005-01-19 13:09:27 UTC

I'm trying to set up access to a Windows 2000 Terminal Server machine behind
a firewall to be accessable from the Internet.

We have a Superstack 3 firewall and a fixed external IP address. I have set
up a fixed internal IP address for the Terminal Server machine.

How do I access the Terminal Server exernally? I presume I have to set up
some sort of firewall rule that makes the external IP address access the
internal Terminal Server machine?

As a little extra - ideally I would like to be able to access multiple
Terminal Server machines within my network via the Internet - is this
possible with only one fixed external IP address?

neo [mvp outlook]

2005-01-19 13:19:59 UTC

Permalink

You need to open port 3389 (TCP).

If the environment you are working with is NAT'd behind that fixed public
IP, then should check your firewall documentation to see if the port can be
directed to more than one machine.

Post by James
I'm trying to set up access to a Windows 2000 Terminal Server machine
behind a firewall to be accessable from the Internet.
We have a Superstack 3 firewall and a fixed external IP address. I have
set up a fixed internal IP address for the Terminal Server machine.
How do I access the Terminal Server exernally? I presume I have to set up
some sort of firewall rule that makes the external IP address access the
internal Terminal Server machine?
As a little extra - ideally I would like to be able to access multiple
Terminal Server machines within my network via the Internet - is this
possible with only one fixed external IP address?

James

2005-01-19 13:39:04 UTC

Permalink

Post by neo [mvp outlook]
You need to open port 3389 (TCP).
If the environment you are working with is NAT'd behind that fixed public
IP, then should check your firewall documentation to see if the port can
be directed to more than one machine.

I've done that but I'm not 100% sure how to do it so that it allows port
3389 to access my internal machine.

neo [mvp outlook]

2005-01-19 13:53:28 UTC

Permalink

Check the documentation to see if it mentions port forwarding. If nothing
bubbles up, visit the manufactures website or give their support line a
call. Sorry I can't be of more help since I don't use a Superstack 3
firewall.

Post by James

I've done that but I'm not 100% sure how to do it so that it allows port
3389 to access my internal machine.

James

2005-01-19 14:44:35 UTC

Permalink

Post by neo [mvp outlook]
Check the documentation to see if it mentions port forwarding. If nothing
bubbles up, visit the manufactures website or give their support line a
call. Sorry I can't be of more help since I don't use a Superstack 3
firewall.

Thanks.

Leythos

2005-01-19 14:02:17 UTC

Permalink

Post by James
As a little extra - ideally I would like to be able to access multiple
Terminal Server machines within my network via the Internet - is this
possible with only one fixed external IP address?

Instead of doing forwarding of ports for TS and possibly exposing more
of your system than you want to expose, setup a VPN tunnel that uses the
firewall as the end-point and provides VPN access to the entire network.
This will let you access the network as though you were in the office.

--
--
***@rrohio.com
(Remove 999 to reply to me)

James

2005-01-20 10:24:20 UTC

Permalink

I got my problem sorted using NAT.