ts advanced clinet deployment senario ?

[scott]

Hi,

Im just trying to get my head around this theory before attempting to
deploy:

- Laptop with GPRS CARD connecting over PPTP to,
- Firewall 1 then DMZ (DMZ contains webserver) then.
- FIREWALL 2 then,
- VPN / Terminal server on LAN.

GRPS in uk supports 45kbps approx so was thinking of reducing overheads by
cutting out PPTP. I was going to attempt:

- Laptop with GPRS CARD connecting using HTTP to,
- IP with Firewall 1 then DMZ (DMZ contains webserver),
- Webserver contains secured Intranet and TS Advanced clinet (web client)
connects to,
- FIREWALL 2
- Terminal server on LAN.

My question is, do i need 3389 open Firewall 1 and 2 to get this to work ?

Does the web clinet use 3389 ?

(If this is the case then having the web clinet secured withing an intrnet
dir is not going to make a differce i guess as anyone could connect using
IP, TS standard clinet)

Thanks for any advice.
Scott.

 

[Matthew Harris [MVP]]

Port 80 needs to be open to the internet on your web
server. Once the TSWeb client hits this page, it will
then attempt to connect to your terminal server over port
3389 to the address the TSWeb page gave it.

You'll need to have port 3389 open so the client can
connect properly from the Internet. Basically, when the
client connects to the internet, they need to be able to
get to port 3389 on the terminal server, so if the
terminal server is behind a bunch of firewalls, then all
those firewalls need to correctly pass information from
port 3389 (on the internet side) to the terminal server
(on the private internal network).

-M

 

[scott]

its logical really. Thanks for the reply.
Scott.