Main Page 
PC Review
Forums
Newsgroups
Windows 2000
Microsoft Windows 2000 Terminal Server Applications
Terminal server on DMZ ?
Forums
Newsgroups
Windows 2000
Microsoft Windows 2000 Terminal Server Applications
Terminal server on DMZ ?
 |
Terminal server on DMZ ? |
|
|
Thread Tools | Rate Thread |
21-01-2004, 12:11 AM
|
#1 |
|
Guest
Posts: n/a
|
Terminal server on DMZ ?
Hi,
I have to connect to my server from everywhere (through Internet) to run some applications as I were on my company. What is the best way to do that ? Put a terminal server on DMZ that let me connecting in some way (VPN ?) to my internal server on my lan ? Server on DMZ cannot by default make connection to server on LAN, else DMZ is not a DMZ ... I have no idea. Any suggestions ? Thanks, Michele L. |
|
|
21-01-2004, 12:31 AM
|
#2 |
|
Guest
Posts: n/a
|
RE: Terminal server on DMZ ?
It's reasonably secure to open port 3389 in your firewall directly to the TS, as RDP Traffic including logons are encrypted at 128bits. Many people do this w/o use of VPN or stationing the TS in a DMZ.
Patrick Rouse Microsoft MVP - Terminal Server http://www.patrickrouse.com |
|
|
|
21-01-2004, 04:17 PM
|
#3 |
|
Guest
Posts: n/a
|
Re: Terminal server on DMZ ?
Do you mean I have to put a Terminal Server in DMZ, and connect to it from
Internet ? And how can I run my applications that resides on my internal server ? How can I establish a secure connection from the TS on DMZ to the applicazion server on my LAN ? For security reasons i don't want to put my applications and database on the TS on DMZ. ! ! Firewall ------- DMZ (Terminal Server) ! ! LAN ! ! Application Server Thanks, Michele L. "Patrick Rouse [MVP]" <anonymous@discussions.microsoft.com> ha scritto nel messaggio news:6AB89FB7-9163-41A7-8362-73873BF60C21@microsoft.com... > It's reasonably secure to open port 3389 in your firewall directly to the TS, as RDP Traffic including logons are encrypted at 128bits. Many people do this w/o use of VPN or stationing the TS in a DMZ. > > Patrick Rouse > Microsoft MVP - Terminal Server > http://www.patrickrouse.com |
|
|
|
21-01-2004, 09:36 PM
|
#4 |
|
Guest
Posts: n/a
|
Re: Terminal server on DMZ ?
No, what I recommended is to NOT put the TS in the DMZ, just put it on your local/private network and open port 3389 to this machine so you can access it on the LAN and via the Internet. Your data shouldn't exist on the TS anyway, but on a file or database server. The TS should be setup like a workstation, i.e. applications that connect to files/databases hosted on other machines. Just my recommendation. What is your specific reason for wanting to use the DMZ?
Patrick Rouse Microsoft MVP - Terminal Server www.patrickrouse.com |
|
|
|
22-01-2004, 02:12 PM
|
#5 |
|
Guest
Posts: n/a
|
Re: Terminal server on DMZ ?
I thought that I had to put all public servers on DMZ (e.g. web server, mail
server, ...) and not to public a server on the LAN. I am mistaking myself ? In any case, if my TS on LAN is secure (e.g. TS over VPN, only port 3389 open on my firewall) why I have to host my files/database on another server ? Thanks, Michele L. "Patrick Rouse [MVP]" <anonymous@discussions.microsoft.com> ha scritto nel messaggio news:9B8CC8E9-DD1D-4819-ACE4-F80908C8AF3D@microsoft.com... > No, what I recommended is to NOT put the TS in the DMZ, just put it on your local/private network and open port 3389 to this machine so you can access it on the LAN and via the Internet. Your data shouldn't exist on the TS anyway, but on a file or database server. The TS should be setup like a workstation, i.e. applications that connect to files/databases hosted on other machines. Just my recommendation. What is your specific reason for wanting to use the DMZ? > > Patrick Rouse > Microsoft MVP - Terminal Server > www.patrickrouse.com |
|
|
|
|
| Thread Tools | |
| Rate This Thread | |
|
|
