Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1698
Views
3
Helpful
12
Replies

Terminal Services over SSL-VPN

mattcooling
Level 1
Level 1

‎06-14-2004 03:05 AM - edited ‎02-21-2020 01:11 PM

Hi,

Has anyone managed to get terminal services to work over the SSL VPN? I have tried setting it up, using both the IP address and the FQDN as the host, but nothing is changed in the hosts file (although a hosts.webvpn file is created?).

Also, when I try to connect to the loopback addresss or my machine's IP address using terminal servies, I get the error message 'The client could not connect. You are already connected to the console of this computer. A new console session cannot be established.'.

If anyone has got this working, please could they let me know how they did it.

Cheers,

Matt

Labels:
0 Helpful
12 Replies 12

travis-dennis_2
Level 7
Level 7

‎06-14-2004 04:22 AM

On the concentrator:

Configuration | Tunneling and Security | WebVPN | Port Forwarding

Add a name(anything), Local Port(use 2970 the first time out), Remote Server (name or IP address of the target terminal server), Remote Port( use 3389)

Under Configuration | User Management | Groups | Modify | "group-name" Under the General tab make WebVPN is checkec under the Tunneling Protocols.

I think that is it. Keep in mind that you will have to use different ports for each server. This should get you up and running on one.

Hope this helps.

Please remember to rate all posts

Thanks,

Travis

0 Helpful

mattcooling
Level 1
Level 1
In response to travis-dennis_2

‎06-14-2004 04:30 AM

Hi Travis, and thanks for your response. I have already tried the approach you suggested - can you confirm what IP address and port you would attempt to connect to using 'Remote Desktop Connection' ?

Thanks,

Matt

0 Helpful

travis-dennis_2
Level 7
Level 7
In response to mattcooling

‎06-14-2004 04:40 AM

The name of the server. Now. What version of code are you running? Are you going to https://public_ip_of_the_concentrator, logging in, clicking Start Application Access, getting the Java applet pop-up and seeing the terminal server listed there? At this point you can launch the TS client and not before. Please verify these actions and we can take it from there.

mattcooling
Level 1
Level 1
In response to travis-dennis_2

‎06-14-2004 04:53 AM

Thanks Travis.

I'm running v4.1 of the code, and am doing exactly as you say - the terminal server is listed here. I have also noted that my hosts file has been edited with a line pointing the FQDN to 127.0.0.2. However, if I try and connect to the port 3389 at that IP address, it just takes me to my local machine. If I try and and connect to port 2970 at that IP address, I get a port closed message.

Any other ideas?

Many thanks,

Matt

0 Helpful

mattcooling
Level 1
Level 1
In response to travis-dennis_2

‎06-14-2004 04:53 AM

Thanks Travis.

I'm running v4.1 of the code, and am doing exactly as you say - the terminal server is listed here. I have also noted that my hosts file has been edited with a line pointing the FQDN to 127.0.0.2. However, if I try and connect to the port 3389 at that IP address, it just takes me to my local machine. If I try and and connect to port 2970 at that IP address, I get a port closed message.

Any other ideas?

Many thanks,

Matt

0 Helpful

travis-dennis_2
Level 7
Level 7
In response to mattcooling

‎06-14-2004 05:04 AM

Try changing the host file to use the actual IP address of the server

0 Helpful

mattcooling
Level 1
Level 1
In response to travis-dennis_2

‎06-14-2004 07:59 AM

Unfortunately that doesn't work - it then reports that I am trying to connec to my local PC, which isn't allowed.

Any other thoughts?

Regards,

Matt

0 Helpful

travis-dennis_2
Level 7
Level 7
In response to mattcooling

‎06-14-2004 10:34 AM

Can you post the portion of your host file that refernces the terminal server?

0 Helpful

mattcooling
Level 1
Level 1
In response to travis-dennis_2

‎06-15-2004 12:25 AM

Hi Travis,

My hosts file contains the following additional lines at the top:

127.0.0.2 myterminalserver.mydomain.com # added by WebVpnPortForward at Tue Jun 15 09:24:45 BST 2004

127.0.0.2 myterminalserver.mydomain # added by WebVpnPortForward at Tue Jun 15 09:24:45 BST 2004

Regards,

Matt

0 Helpful

odiaz
Level 1
Level 1

‎06-14-2004 12:26 PM

Hi Matt,

I'm trying to set his up now and I am having the same issues you are having. I am using the Miocrosoft terminal services MMC plug in and I don't see an option to specify a port number to use for a given server connection.

I'll post a reply with my progress, maybe it will help.

Octavio

0 Helpful

odiaz
Level 1
Level 1

‎06-15-2004 09:20 AM

Hi Matt,

I just got it working.

The trick was to use the DNS name and not the IP address in the port forwarding configuration. Use port 3389 as the local and the remote port. The good thing is that by using the dns name, you can configure mutiple terminal server sessions to different servers and still us the same local port, thus you do not have to reconfigure your local terminal server client configurations.

Now, it shows up in the application access window under the local column with the hostname:3389. Bring up your terminal server application and connect as usual.

Hope this works for you.

0 Helpful

mattcooling
Level 1
Level 1
In response to odiaz

‎06-15-2004 11:11 AM

Thanks for the reply - I had already tried this without success, but then I realised it was because port 3389 is in use on my machine (to allow me to remotely connect to it). It seems that given that Remote Desktop Connection doesn't support the use of different ports, it isn't possible to use Terminal Services over the WebVPN if it is running locally. However, it can run if the local version of TS is disabled.

Many thanks for your help.

Matt

0 Helpful
Customers Also Viewed These Support Documents