0

I have had a look online but can't seem to find what I want. I can find RDP clients for Linux but that is not what I want. I am looking for some software so that a Linux server can be used as a relay or proxy.

The idea is that the Windows server is on a local network and has no direct access to the internet. It all goes through this Linux server which is acting like a hardware firewall and proxy for other things. When people want to connect to the Windows server, the idea is that they would connect to the IP of the Linux server which would then relay the request to the Windows server, meaning the end user logs in via RDP to the Windows server through the Linux server.

To try explaining it visually, the connection would look similar to this:

Client --> Linux --> Windows

I want to make is so the client doesn't have to do anything special, just simply connect to the IP as they normally would for RDP. The Linux server would basically be receiving the request (on port 3389) and simply forwarding it all to the Windows server.

I'm not sure if I've explained myself well enough so if anything needs clarifying, please let me know.

5
Contributors
4
Replies
31
Views
2 Years
Discussion Span
Last Post by mike_2000_17
0

Frankly this sounds like you've confused RDP and routing. I'm going to dismiss 99% of what you wrote and just write you are asking how to route using your linux server. This is not to hold a tutorial or seminar on routing so I'll just share what looks close enough to me. Read http://www.tecmint.com/setup-linux-as-router/

The answer to your topic question is yes. What you need is already in almost all Linux distros but once in a awhile you encounter folk that are looking for a GUI App to make it easy. So far I haven't found that.

0

There are ways to use the Linux server to tunnel the port request through to the Windows server but they would have to connect and authenticate to the Linux system first. There is document I put together a few years ago that covers the subject from the what the users would have to do side. You would have to have tunnels enabled in the ssh server on the Linux box for it to work.
You can grab the word doc from here:
http://txlinux.com/docs/
You want the one that starts with:
HowToConnectToYourOfficeComputerUsingSSHTunnel.doc
It is not exactally the same but I think you will be able to get it from the info. If not send me an email.

0

What you're going to want to do is setup everything going from port 3389/tcp (rdp) to the linux host over an SSH tunnel, and then have something on the linux host that will forward from the linux host over 3389 (assuming the linux host is on the same network as internal Windows host), and once that happens.

At this point, it would be easier for you to setup a VPN connection to the linux host, and then have IPtables forward connections to the Windows host.

Hope that gave you some clarity...

0

What you seem to be wanting to setup is what is commonly referred to as a DMZ (DeMilitarized Zone), which is essentially a computer (usually running Linux) that sits between the world (aka the internet) and an internal network (of one or more computers). The idea is generally to provide a more powerful or customizable firewall and also act as a buffer for any viruses (e.g., infect only the DMZ computer (which is easy to replace or re-install, and does not contain any sensitive data), without infecting the other computers on the internal network).

You can read about what a DMZ is here. And there are instruction on how to set one up here.

But I must point out that the idea of tunneling a remote desktop protocol through a DMZ is a bit non-sensical. The remote desktop protocol is one of the biggest vulnerabilities in Windows, and every single IT-security person worth his salt has this port blocked across the board in all networks he is responsible for. So, wanting to combine a fairly advanced security measure (DMZ) with one of the most vulnerable protocols (RDP) just sounds weird.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.