does that rule allow inside to that IP? --the TS you are trying to reach is outside on the WAN? ... you'd need a rule inside to that IP as well...
----------------- Who'd you rather be, the Beatles or the Rolling Stones? On Thu, Jun 2, 2011 at 12:44, Jay Dale <[email protected]> wrote: > There is currently a rule to allow RDP from the outside to the inside to a > specific IP. I tried creating a rule that would allow outbound RDP, but > that didn’t help. > > > > *Jay Dale** > * Senior Systems Administrator > > P:281-574-2414 > > > > *From:* S Powell [mailto:[email protected]] > *Sent:* Thursday, June 02, 2011 11:39 AM > > *To:* NT System Admin Issues > *Subject:* Re: RDP through ISA Array > > > > > > Does it have its own rule to allow this access externally? > > > > you said internal cannot RDP to WAN, is this a separate rule? check this > rule to make sure it is still correct. > > > > > ----------------- > Who'd you rather be, the Beatles or the Rolling Stones? > > On Wed, Jun 1, 2011 at 06:52, Jay Dale <[email protected]> wrote: > > Hey all, > > > > I have a client who is using 2 ISA 2006 servers in an array. ISA 1 is for > the internal clients with a subnet of 192.168.0.0 and ISA 2 is the external > access with a WAN IP and DMZ. The WAN IP is bound to the NIC along with a > block of secondary IP's. They use a web application that, upon clicking a > hyperlink launches a window that in turn launches an RDP connection to one > of the WAN links that then runs a Terminal Server application on a 2008 > Enterprise server. The problem they're having is that external users can > run the application just fine, but users on the internal network can't RDP > to the WAN address. They say it used to work, but either a patch broke it > or something has changed and they can no longer access it. When they click > on the hyperlink, a white window comes up and then the RDP warning window > regarding using the Clipboard comes up, but then nothing. > > > > I've tried RDP'ing directly to the WAN address from inside the network and > it fails. I try RDP'ing directly to the private IP that it's supposed to > point to and it works fine. I've looked in the ISA's and there is a policy > that allows RDP listening on that WAN IP to forward to the right server, so > settings-wise it appears to be right, but it doesn't work. I haven't worked > with ISA in years and I'm not sure where to go from here - I've tried > disabling the RPC filter and such but to no avail. > > > > Can anyone point me in the right direction? > > > > Thanks, > > > > Jay > > > > > > *Jay Dale* > > Senior Systems Administrator > > Unetek, Inc. > > Phone: 281.574.2414 > > Email:[email protected] > > > > Confidentiality Notice: This e-mail, including any attached files, may > contain confidential and/or privileged information for the sole use of the > intended recipient. If you are not the intended recipient, you are hereby > notified that any review, dissemination or copying of this e-mail and > attachments, if any, or the information contained herein, is strictly > prohibited. If you are not the intended recipient (or authorized to receive > information for the intended recipient), please contact the sender by reply > e-mail and delete all copies of this message. > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
