Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Terminal Services through Firebox 700

Status
Not open for further replies.
sborsos

sborsos

MIS
Joined
Sep 2, 2002
Messages
10
Location
CA
Could someone point me to some documentation on how to allow access to my terminal servers for remote administration? Thanks a lot.
 
Sort by date Sort by votes
MS Terminal Services? I do not know of any tutorial/docs for this, however it should be easy enough to determine what ports the services require and create a filter for them. I personally use VNC w/SSH2 exclusively for remote administration - great performance and exceptional security.
 
Upvote 0 Downvote
Most secure method is to use VPN. If you need assitance with this, let us know what type of VPN you would like to employ (PPTP or IPSec).
 
Upvote 0 Downvote
Thank you guys for responding.
I am reading the VPN guide for watchguard, but it is 140 pages long...
I am able to use Terminal Services from within the trusted interface. If i add a new service to do 1-1 NAT with port 3389 (the port that TS requires) would that allow TS access from the external?
 
Upvote 0 Downvote
Try it and let us know lol :)

Keep in mind you are walking on a slippery slope if you are using remote adminstration through the Firebox to the internal network WITHOUT a *secure* transport (encrypted tunnel).
 
Upvote 0 Downvote
Truly as ant2112 mentioned, that can be quite dangerous. If you are dead set against VPN, at the very least you should configure the service with a source and dest. IP to isolate the traffic.

Regarding VPN - if you have a license for MUVPN I can walk you through that configuration, or if you do not, PPTP is free and quite simple to configure on both the FB and the client.
 
Upvote 0 Downvote
Sorry to HiJack this thread but I notice NTrOP could probably help me with my problem.

I've connected to our Firebox using MUVPN, I can ping our network but I can't gain access to any resources. What Services in Policy Manager should I set up to enable me to access things like Exchange Server and Shared resources.

Sorry once again, any help would be greatly appreciated.

Thanks
 
Upvote 0 Downvote
To let TS through the FB you can create a custom service on the following ports:

TCP 3389 Ignore
TCP 1494 Ignore
TCP 80 Ignore

I would also recommend that you set up source and destination IPs for added security
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ChrisFairley
  • Locked
  • Question Question
Downloads failing through ASA 5520
Replies
1
Views
333
iggsterman
iggsterman
TheFireman2
  • Locked
  • Question Question
Help with Watchguard Firebox M200 setup as a TMG 2010 replacement with ASA 5515 as main firewall
Replies
1
Views
537
hairlessupportmonkey
hairlessupportmonkey
Russtoleum
  • Locked
  • Question Question
SW GVC won't route traffic through sonicwall to offsite tunnel unless it leases an ip on the same su
Replies
1
Views
388
Russtoleum
Russtoleum
brownmab53
  • Locked
  • Question Question
PIX 525 ASA not allowing DHCP addresses to pass through to router
Replies
0
Views
316
brownmab53
brownmab53
BluffPlace
  • Locked
  • Question Question
Add a website to go through Site 2 Site VPN
Replies
1
Views
317
PScottC
PScottC

Part and Inventory Search

Sponsor

Back
Top