I have a Windows Server Terminal 2019 and it's running as

  • DC/DNS
  • Terminal Server

It's running on a VM in the cloud and is reachable through a public IP. I don't want to (cannot) build up a firewall in a second VM and build up a whole "network"....

I have configured Remote Desktop Gateway and am using signed certificates.

I configured RD for RDWeb and it works. But how do I close the "normal" RDP? Because, as I understand it, Remote Desktop through RDWeb does not work directly on port 3389 like the "normal" one.

Or is it too "naive" and the safety risk is too high?

Greg Askew
  • "But how I close the "normal" rdp?" - put the server behind a firewall, such as any business should. – TomTom Sep 17 '20 at 12:22
  • Voting to close: Questions should demonstrate reasonable information technology management practices. Questions that relate to unsupported hardware or software platforms or unmaintained environments may not be suitable for Server Fault. – TomTom Sep 17 '20 at 12:22
  • A domain controller acting as a terminal server is a recipe for disaster. Exposing it to the Internet is just the icing on the cake. – Massimo Sep 17 '20 at 12:38
  • I like cakes... Okay. I will build up a own firewall... – Wulf Sep 17 '20 at 12:44
  • @wulf The real issue here is that you should not be using a DC as a terminal server; DCs should really not be used for anything else, but having users work on them is especially bad. – Massimo Sep 17 '20 at 12:47
  • @Massimo Yeah I know. The Terminal Server is only for one application and it's provided through RDWeb. So I think it's not a high safety risk. They won't work via RDP on the machine. – Wulf Sep 17 '20 at 12:48
  • @Wulf it's still completely wrong. You need to be a domain admin to even *log on* to a DC, unless you lower the default security policies. The impact on security of treating a DC as a standard server is always high, quite often higher than expected. – Massimo Sep 17 '20 at 12:55
  • @Massimo So it would be better to run two VMs on a virtual Hyper-V? – Wulf Sep 17 '20 at 12:58
  • @Wulf this is not answerable without knowing much more about your environment. But please don't add more details here, ask another question if you need; this is quickly getting too broad. – Massimo Sep 17 '20 at 13:26

0 Answers