Restircting users to certain rdp connections

[Doug Taylor]

Hello
Server 2003 with terminal services, the server has two LAN cards one on the
internet and one for the local LAN. Users currently access the server from
the LAN using remote desktop. We have a number of users that also want to
use remote desktop across the internet. We do not want to give all users
the ability to connect over the internet. Is there any way to restrict
certain users to rdp only from the lan and other users to rdp from the lan
or the internet.

Thanks

Douglas

 

[Guest]

Setup a separate RDP-Tcp connection for each NIC, then use the ACL on each
connection to controll access.

Another option is a program like Terminal-Services.net's SecureRDP.

 

[Doug Taylor]

Thanks for your reply.
Lets call my original RDP connection A for the internal LAN nic.
I have set up a second RDP connection (B) on the second NIC. I then check
the properties of connetion B, under permissions I have added a user to
connection B and denied all permissions. The user can still make an RDP
connection to B. If I deny the same user all permissions on the connection
A then the user cannot connect on A or B. If I then give the same user
full permissions on B he still cant make a connection to A or B.

Does this make sense ????

Thanks