May I ask what smartcard vendor? -----Original Message----- From: [email protected] [mailto:[email protected]] Sent: Tuesday, February 02, 2010 1:04 PM To: NT System Admin Issues Subject: Re: TS Gateway Setup
I am setting up a TS Gateway right now with Smart card access. It's working from my desk to the DMZ to the terminal server. I haven't opened up the firewall yet to try it from the internet though. -----Original Message----- Date: Tuesday, February 02, 2010 11:03:40 am To: "NT System Admin Issues" <[email protected]> From: "Richard Stovall" <[email protected]> Subject: Re: TS Gateway Setup I moved away from the old-fashioned Cisco VPN client a while ago and haven't looked back. For a small environment, TS Gateway is so easy to setup that it definitely merits consideration among the many options available. And if you're already using Terminal Services you basically get it for free if you've get the licenses. Why do you require that the remote session run in a browser? I'm not saying it's a bad idea at all, I'm just wondering if it's necessary. AFAIK, to use vanilla TS Gateway (I think it's now called Remote Desktop Services in 2008 R2), you're going to be running the RDClient (mstsc.exe) on the the remote machine or an ActiveX control (mstscax.dll?) to keep it in the browser. Is the browser context more secure? Regarding the use of SecurID, I looked for a long time for a way to use either one time passwords or smart cards from several vendors with TS Gateway and never found anything that worked. Several companies said it would, but none of them really understood TS Gatewa ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
