In a typical slightly undocumented Microsoft move, you need to open up TCP port 4125 as well as port 3389 (which is the standard RDP port) to allow a remote user to log in through the SBS Remote Web Workplace. So why not just say so somewhere?
Actually no, 3389 isn’t used at all for Remote Web Workplace.
To configure advanced Remote Web Workplace settings:
http://technet2.microsoft.com/WindowsServerSolutions/SBS/en/library/490fd43d-644f-4acf-8a39-58208b8868b41033.mspx
http://technet2.microsoft.com/WindowsServerSolutions/SBS/en/library/490fd43d-644f-4acf-8a39-58208b8868b41033.mspx
Probably the best instructions on RWW are here:
The Official SBS Blog : Inside the Remote Web Workplace – Part I:
http://blogs.technet.com/sbs/archive/2006/07/25/443383.aspx
http://blogs.technet.com/sbs/archive/2006/07/25/443383.aspx
But no, it’s 443 and 4125 ONLY for Remote Web Workplace. I don’t have 3389 open at all.
And it says so, it’s just hard to find. Buy a book. It’s in most all of the good SBS books.
…and stay tuned to SBS 2008 when port 4125 won’t be used at all….
P.S. that’s kinda wrong.. http://articles.techrepublic.com.com/5100-10878_11-6155394.html
The only reason to open up 3389 is when you’ve got ISA Server on the SBS box and want to get to the box if ISA goes into Lockdown Mode. You can have a rule in ISA Server to block 3389, so it only becomes active in Lockdown Mode.
I’ve found it useful twice before.