ip redirection

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Scenario: our partner company is allowing us access to one of their
application via Terminal server, to make it more secure they allowing
external access to the TS server only if traffic request is originated from
our IP range… so we created link on our Intranet to tsweb (our internal
server) page which then takes internal users to Remote Desktop Web Connection
screen and that’s how they get connected to our partner comp. Terminal
Server, now here is my question: we have large number of telecommuters,
remote employees which need to have an access to this application as well via
TS client, this could be accomplished by giving all external users vpn access
to our network but that’s a policy issue here, not all have or should have
such access we tried the following:
1. created firewall rule to allow access to tsweb page from external
2. and then redirect and connect to TS at partner site
but it did not work as it obviously shows client IP as originator not ours..
so my real question is there a way to “fake†it or redirect in any way so if
external client get to our tsweb and then type IP or name of the other TS
server it will shows IP from our range?

TX
 
1. created firewall rule to allow access to tsweb page from external
2. and then redirect and connect to TS at partner site
but it did not work as it obviously shows client IP as originator not ours..
so my real question is there a way to "fake" it or redirect in any way so if
external client get to our tsweb and then type IP or name of the other TS
server it will shows IP from our range?
Click to expand...

No,..none of that will work. You need VPN.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp
-----------------------------------------------------
 
like I said vpn is not an option for all external users, does this mean there
isn't other way this could be done?

Phillip Windell said:
1. created firewall rule to allow access to tsweb page from external
2. and then redirect and connect to TS at partner site
but it did not work as it obviously shows client IP as originator not ours..
so my real question is there a way to "fake" it or redirect in any way so if
external client get to our tsweb and then type IP or name of the other TS
server it will shows IP from our range?
Click to expand...

No,..none of that will work. You need VPN.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp
Click to expand...
 
None that I am aware of.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp
-----------------------------------------------------


Rafal W. said:
like I said vpn is not an option for all external users, does this mean there
isn't other way this could be done?

Phillip Windell said:
1. created firewall rule to allow access to tsweb page from external
2. and then redirect and connect to TS at partner site
but it did not work as it obviously shows client IP as originator not ours..
so my real question is there a way to "fake" it or redirect in any way
Click to expand...
so
if
external client get to our tsweb and then type IP or name of the other TS
server it will shows IP from our range?
Click to expand...

No,..none of that will work. You need VPN.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp
Click to expand...
Click to expand...
 
Back
Top