RDP using RPC over HTTP

  • Thread starter Thread starter RoadRunner
  • Start date Start date
R

RoadRunner

Can I use RDP using RPC over HTTP ?
How can I set it up?
I would like to access the office desktops remotely without using VPN, ISA
could be an option.
What I would like to do is to go to the TSWeb and access any desktop without
having to connect a VPN or expose my network without a firewall or public
IPs.
Thank You
 
No, RD goes over port 3389 - I don't think you can change it to use 443, and
don't think there would be much advantage even if you could. You still have
to open *something* - and need to be able to get from the public to the
private IP somehow, right?

If you can TS into the server (presuming you have a server) on port 3389,
you can run a remote desktop session from the server to the workstations
(sort of a picture in picture thing).

If you don't have a server, you need to either use VPN to connect first, or
use remote desktop over 3389.

But you have to have public IPs - at least one. And I'd sure hope you have a
properly configured firewall protecting this network!

See if this helps:
http://members.cox.net/ajarvi/RemoteDesktop/Multiple_PC_RD.html
 
1. If I am correct RPC over HTTP can use any port, for example Outlook -
Exchange is using port 6001, 6002, 6004 and I do not have to use SSL (port
443) RDP will encrypt well enough.
The RPC proxy will route the data to the internal network (remote site)
similar to VPN since RPC over HTTP Proxy does not have to reside on the same
server as Exchange. I am assuming that, RPC Proxy, all it does is tunneling,
if all it does is forwarding then will never work.

The idea is to use the TSWeb on the server side and ActiveX RDP on the
client side to access any desktop on the office from any PC that can load
the plug-in.
The question is can you get the TSWeb to use RPC over HTTP.

2. If all my presumptions are false then, is there a way to script/automate
TSWeb to start a session to a server (even desktop running WinXP Pro) and
start an session of RD from there, kind of RD inside RD as you suggested ?
Consider this scenario: when you access the TSWeb will start an RD session
into another server or desktop, then all you have to do is choose a desktop
name and login.
I know that you can do that by starting an RD/TS session with all the login
info filled in and the option of starting the following program:
%SystemRoot%\System32\mstsc.exe, and that gives you an RD inside RD and you
do not even know where the real session is running.
By doing this you would proxy an RD session trough another RD Server, not
really proxy but it would automate the process.
The limitation would be that only one RD session can be ran per Public IP.
If you configure all this with a round-robin DNS and a farm of
servers/desktops will give you several RD to office desktops for anyone
without using VPN.
You could go to http://rdp.mycompany.com and get an RD session.
I cannot find any articles: how to customize the TSWeb virtual webserver.

"Lanwench [MVP - Exchange]"
 
I think this is the premise behind Remote Web Workplace included in
SBS 2K3, but I haven't been able to test (don't have enough machines
behind the router to test when I am at work)...

Jeffrey Randow (Windows Networking & Smart Display MVP)
(e-mail address removed)

Please post all responses to the newsgroups for the benefit
of all USENET users. Messages sent via email may or may not
be answered depending on time availability....

Remote Networking Technology Support Site -
http://www.remotenetworktechnology.com
Windows XP Expert Zone - http://www.microsoft.com/windowsxp/expertzone

1. If I am correct RPC over HTTP can use any port, for example Outlook -
Exchange is using port 6001, 6002, 6004 and I do not have to use SSL (port
443) RDP will encrypt well enough.
The RPC proxy will route the data to the internal network (remote site)
similar to VPN since RPC over HTTP Proxy does not have to reside on the same
server as Exchange. I am assuming that, RPC Proxy, all it does is tunneling,
if all it does is forwarding then will never work.

The idea is to use the TSWeb on the server side and ActiveX RDP on the
client side to access any desktop on the office from any PC that can load
the plug-in.
The question is can you get the TSWeb to use RPC over HTTP.

2. If all my presumptions are false then, is there a way to script/automate
TSWeb to start a session to a server (even desktop running WinXP Pro) and
start an session of RD from there, kind of RD inside RD as you suggested ?
Consider this scenario: when you access the TSWeb will start an RD session
into another server or desktop, then all you have to do is choose a desktop
name and login.
I know that you can do that by starting an RD/TS session with all the login
info filled in and the option of starting the following program:
%SystemRoot%\System32\mstsc.exe, and that gives you an RD inside RD and you
do not even know where the real session is running.
By doing this you would proxy an RD session trough another RD Server, not
really proxy but it would automate the process.
The limitation would be that only one RD session can be ran per Public IP.
If you configure all this with a round-robin DNS and a farm of
servers/desktops will give you several RD to office desktops for anyone
without using VPN.
You could go to http://rdp.mycompany.com and get an RD session.
I cannot find any articles: how to customize the TSWeb virtual webserver.

"Lanwench [MVP - Exchange]"
No, RD goes over port 3389 - I don't think you can change it to use 443, and
don't think there would be much advantage even if you could. You still have
to open *something* - and need to be able to get from the public to the
private IP somehow, right?

If you can TS into the server (presuming you have a server) on port 3389,
you can run a remote desktop session from the server to the workstations
(sort of a picture in picture thing).

If you don't have a server, you need to either use VPN to connect first, or
use remote desktop over 3389.

But you have to have public IPs - at least one. And I'd sure hope you have a
properly configured firewall protecting this network!

See if this helps:
http://members.cox.net/ajarvi/RemoteDesktop/Multiple_PC_RD.html
Click to expand...
Click to expand...
 
Interesting thought...

The only thing I thought was that Outlook and Exchange use RPC to
communicate with one another. Thus RPC over HTTP tunnels the RPC
connection between Exchange/Outlook.. Remote Desktop doesn't use RPC,
though, so a different approach would need to work.

Now, HTTP tunnels (as well as SSH tunnels) WILL work... :)

Jeffrey Randow (Windows Networking & Smart Display MVP)
(e-mail address removed)

Please post all responses to the newsgroups for the benefit
of all USENET users. Messages sent via email may or may not
be answered depending on time availability....

Remote Networking Technology Support Site -
http://www.remotenetworktechnology.com
Windows XP Expert Zone - http://www.microsoft.com/windowsxp/expertzone

1. If I am correct RPC over HTTP can use any port, for example Outlook -
Exchange is using port 6001, 6002, 6004 and I do not have to use SSL (port
443) RDP will encrypt well enough.
The RPC proxy will route the data to the internal network (remote site)
similar to VPN since RPC over HTTP Proxy does not have to reside on the same
server as Exchange. I am assuming that, RPC Proxy, all it does is tunneling,
if all it does is forwarding then will never work.

The idea is to use the TSWeb on the server side and ActiveX RDP on the
client side to access any desktop on the office from any PC that can load
the plug-in.
The question is can you get the TSWeb to use RPC over HTTP.

2. If all my presumptions are false then, is there a way to script/automate
TSWeb to start a session to a server (even desktop running WinXP Pro) and
start an session of RD from there, kind of RD inside RD as you suggested ?
Consider this scenario: when you access the TSWeb will start an RD session
into another server or desktop, then all you have to do is choose a desktop
name and login.
I know that you can do that by starting an RD/TS session with all the login
info filled in and the option of starting the following program:
%SystemRoot%\System32\mstsc.exe, and that gives you an RD inside RD and you
do not even know where the real session is running.
By doing this you would proxy an RD session trough another RD Server, not
really proxy but it would automate the process.
The limitation would be that only one RD session can be ran per Public IP.
If you configure all this with a round-robin DNS and a farm of
servers/desktops will give you several RD to office desktops for anyone
without using VPN.
You could go to http://rdp.mycompany.com and get an RD session.
I cannot find any articles: how to customize the TSWeb virtual webserver.

"Lanwench [MVP - Exchange]"
No, RD goes over port 3389 - I don't think you can change it to use 443, and
don't think there would be much advantage even if you could. You still have
to open *something* - and need to be able to get from the public to the
private IP somehow, right?

If you can TS into the server (presuming you have a server) on port 3389,
you can run a remote desktop session from the server to the workstations
(sort of a picture in picture thing).

If you don't have a server, you need to either use VPN to connect first, or
use remote desktop over 3389.

But you have to have public IPs - at least one. And I'd sure hope you have a
properly configured firewall protecting this network!

See if this helps:
http://members.cox.net/ajarvi/RemoteDesktop/Multiple_PC_RD.html
Click to expand...
Click to expand...
 
Back
Top