How to Allow Access to Terminal Services on ISA from the External Interface (275210)


The information in this article applies to:

  • Microsoft Internet Security and Acceleration Server 2000
This article was previously published under Q275210

SUMMARY

This article describes how to allow access to Terminal Services on an ISA server from the external interface by creating a static packet filter.

MORE INFORMATION

This section describes the packet filter properties that you need to allow terminal server clients to connect to the Terminal Services session that is running on the ISA server by using the RDP protocol over TCP port 3389:
  1. Open the ISA Administration tool, and then expand the Server settings.
  2. Expand Access Policy, and then click IP Packet Filters.
  3. In the right pane, click Create Packet Filter.
  4. Specify a name such as "Terminal Server access", and then click Next.
  5. In the Set this filter for box, click Only this server, and then click Next.
  6. In the Create a filter for box, click Allow packet transmission, and then click Next.
  7. In the Use this filter box, click Custom, and then click Next.
  8. For the filter settings, specify the following settings, and then click Next:

    IP protocol: TCP
    Direction: Inbound
    Local Port: Fixed port
    Port number: 3389
    Remote Port: All ports

  9. In the Apply this packet filter to box, click Default IP addresses for each external interface on the ISA Server computer, and then click Next.
  10. In the "Remote Computers" section, click either All remote computers or Only this remote computer, and then click Next. This setting specifies the host which is the terminal server client that accesses the Terminal Services session.
  11. Click Finish.
Modification Type:MajorLast Reviewed:2/4/2002
Keywords:kbhowto kbnetwork kbTermServ KB275210
©2002 Microsoft Corporation. All rights reserved.