![microsoft terminal server 2008 microsoft terminal server 2008](https://www.thatlazyadmin.com/wp-content/uploads/2017/03/WindowsServer2008.jpg)
#Microsoft terminal server 2008 install
We will install other services during the course of this article series.
![microsoft terminal server 2008 microsoft terminal server 2008](https://kb.thinmanager.com/images/8/80/TerminalServices2.png)
The TS Gateway has only the base operating system installed. The Terminal Server has only the base operating system installed. The Domain Controller has DNS, DHCP, Certificate Services in Enterprise CA mode, and WINS installed. The key configuration option here is that you forward TCP port 443 connections to the Terminal Service Gateway computer. You could use any other simple NAT device or packet filtering router, like a PIX, or even an advanced firewall like the Microsoft ISA Firewall. In this example network, I am using the Windows Server 2008 NAT server as my Internet gateway. The arrows show the flow of communications from the external RDP client to the Terminal Server.Įach of the servers in this scenario are running Windows Server 2008 Enterprise Edition.
#Microsoft terminal server 2008 how to
In this two part series on how to put together a working Terminal Services Gateway solution, we will use the lab network you see in the figure below. This gives you the fine grained control you need to insure that you have a secure remote access RDP solution. Using a Terminal Services Gateway, you can pre-authenticate users and control what Terminal Servers users can access based on credentials and policy. Windows Server 2008 provides a solution to this security problem: Terminal Services Gateway. A compromised Terminal Server is perhaps the most dangerous exploit possible against your network, as the attacker has access to a full operating system to launch his attacks. Without pre-authentication, anonymous users could leverage their anonymous connections to compromise the published Terminal Server. The lack of pre-authentication was an especially difficult problem.
![microsoft terminal server 2008 microsoft terminal server 2008](https://techgenix.com/content/ws/img/upl/image0281205253938169.jpg)
And for good reason – there was no ability to pre-authenticate connections or use policy to determine which users could access which Terminal Servers. Microsoft security administrators have always been a bit wary of publishing Terminal Servers to the Internet. If you would like to read the next part in this article series please go to Configuring the Windows Server 2008 Terminal Services Gateway (Part 2)