On our SA2000 i have configured a few roles with web book marks and terminal services links. However when remote users click on the links they just time out. However if I use a network connect policy, and try to access the same bookmarks and terminal servers it works.
There are no firewalls or anything else blocking the traffic from the SA2000 itself, the SA2000 can ping all the servers from the admin console. So why would network connect work, but other book marks not work?
You need to create an access list to allow this.
In terminal services, there is a tick box "Create an access control policy allowing Terminal Service access to this server."
In web bookmarks use "Autopolicy: Web Access Control" to add the URLs users are allowed to browse to.
Alternatively you can define more granular rules manually under the Resource Policies -> Web -> WebACL and Resource Policies -> Terminal Services -> Access Control.
Thanks for the reply, still can't get it to work.
I'm trying to get a single terminal services session working..... Here is what is configured so far
A terminal service session configured under users roles
Under Terminal Services access control policies i have added the IP address of the server configured under the user role, and applied the policy to the appropriate role.
When the user logs onto the remote access portal, the link to the server appears, but when the click on it, it just times out.
I have checked the logs on the firewall which the SA2000 sits behind, and there is no attempt to make a connection from the SA2000 to the terminal server. The firewall shows no logs at all.
When i connect to this same server under a network connect policy it works fine.
Running version 6.5R1 (build 14599)
That still sounds like an ACL problem. Have you tried clicking the "Create an access control policy allowing Terminal Service access to this server." within the resource profile?
What is timing out? What is the message shown? Do you see a failure message on the events or user access log?
The error that appears on the clients screen is 'The remote connection has timed out. Please try connecting to the remote computer again"
There are no logs showing up anywhere on the portal, is there some advanced logging or debugging i can do? I have done a policy trace but this does not show any connection problems.
I dont think its an ACL policy. For the ACL i have specified 10.0.0.0/8:*
The IP address i'm trying to connect to is 10.132.200.11 so the above ACL should permit the traffic
I have also tried just putting a * in the ACL but this also does nothing.
As mentioned its the firewall on the other side of the SA2000 shows no traffic from the SA2000 attempting to reach the terminal server....
EDIT: - Just did some more testing, i have the terminal services link working now, but not the web bookmark.
I did a netstat -n on a test PC after clicking on the weblink and noticed that there was a connection to the web link IP address from the client. So the requst for the website is not comming from the SA2000, rather the client is opening it up link a normal page.... why would that be happening?
What type of web bookmark is not working? You are not using webTS, are you? If yes, this will require SAM or Network Connect as the ActiveX control cannot be rewritten and needs a direct connection (as you are seeing from the PC).