Restricting VPN Connections to RDC Port 3389

Hi There,

Does anyone know if it would be possible to create a VPN connection on a
Windows 2003 Server to only permit access to port 3389 on just our W2003
terminal services server. I hope this would eliminate some of the risks of
infected home computers being directly attached to our network if they could
only access the one RDC port on just our TS server. Does anyone have any
advice for me as I begin investigating this?

I could do this on our firewall, but then I don't think there is are any
strong authentication or encryption capabilities as there are with the VPN
connection.

Thanks,

Matt

You can do a straight RDP connection over 3389 the data stream is encrypted
to 128-bit encryption just as good as VPN.

--
Todd J Heron, MCSE
Windows Server 2003/2000/NT; CCA
----------------------------------------------------------------------------
This posting is provided "as is" with no warranties and confers no rights

Do it with your firewall (if that's your VPN endpoint, it's where you should
be doing it). Auth is only as strong as what you have setup for VPN. That's
on you, not the firewall :-)


"Matt" <(E-Mail Removed)> wrote in message
news:2A4335A2-34CC-44AA-8312-(E-Mail Removed)...
> Hi There,
>
> Does anyone know if it would be possible to create a VPN connection on a
> Windows 2003 Server to only permit access to port 3389 on just our W2003
> terminal services server. I hope this would eliminate some of the risks
of
> infected home computers being directly attached to our network if they
could
> only access the one RDC port on just our TS server. Does anyone have any
> advice for me as I begin investigating this?
>
> I could do this on our firewall, but then I don't think there is are any
> strong authentication or encryption capabilities as there are with the VPN
> connection.
>
> Thanks,
>
> Matt