How to access terminal services licensing from behind a firewall?



Hope I can explain this:

- I have a Windows NT 4 domain which is behind a firewall.

- The domain intially had NT 4 TSE with Citrix Metaframe 1.8 installed.
Citrix ICA is the only protocol allowed through the firewall for the clients
(the clients are Windows 2000 professional machines and are on the open

- I have now installed a Windows 2000 Server which is running Terminal
Services in application mode and has Citrix Metaframe installed on it as
well. As this is a W2K server it requires access to a TS licensing server. We
don't want to install a TS licensing server in the firewalled domain and want
to use an exisiting server which is on the open network.

- I have made the following changes to the license server. The reg key
HKLM\Software\Microsoft\RPC\Internet and approriate values have been added to
fix the dynamic port range for the server between 5000 - 5100 (100 ports).

- The reg key
has been added to the terminal server to enable it to use the specific
terminal server.

- The terminal server has been given access through the firewall to access
the licensing server on RPC (TCP/135) and a fixed range 5000-5100.

The clients are able to connect to this W2K Citrix server but the server is
throwing out 1010 event ids being not able to find the TS licensing server.

Can someone help??


Can you be more specific about the network setup, i.e. is the TS in a DMZ and
the TSLS on a private network?

Is there a reason why you don't install the TSLS on the Citrix Server?

Patrick Rouse
Microsoft MVp - Terminal Server


The TS is not in a DMZ but is in a firewalled network segment in the private
network. The TSLS is on the private network and so are the clients.

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question