Publishing App Controller (2012 SP1) to Internet Located Users via TMG2010

  • Question

  • Hi All,

    I'm trying to publish a demo environment hosted on our internal App Controller via TMG, to some colleagues working from home via non-domain-joined PCs.

    I've configured a publishing rule on TMG 2010 that allows my remote user to log in. They connect using a name like https://vmm.company.com and this all works fine. But if they try to initiate a connection to the Hyper-V guest machine's console, they get a DNS error:

    Virtual Machine Manager failed to connect to the virtual machine because the hostname (xxx.yyy.com) could not be resolved by Domain Name System

    Looking at the URL, although it is using vmm.company.com, in the path xxx.internal.com is being used, and this is the internal Hyper-V host machine's internal FQDN.

    So I thought I'd be clever and use link translation in the rule, so that the TMG replaces any traces of xxx.internal.com with vmm.company.com. Now I don't get the DNS error any more, but I get a socket error asking me to check my firewall.

    Sure enough, I check the logs in TMG and there are access denied entries on that port, coming from external to the TMG's perimeter IP address.

    So I create an access rule to allow 2179 from external to the IP address, and a non-web server publishing rule for the internal Hyper-V host listening on 2179, but I now get this error in the TMG logs (access is initially allowed):

    A connection was abortively closed after one of the peers sent an RST packet

    The same socket error is received on the client.

    Anyone ever done anything like this, or have a clue what I'm doing wrong?

    Cheers

    Darren

    Monday, December 9, 2013 4:54 PM

Answers

  • Hi Darren,

    To show the console of a virtual machine it is necessary to create a connection from the client computer to the Hyper-V server. An alternative to opening a port on your Hyper-V servers to the Internet is to publish App Controller as a RemoteApp. In this situation, colleagues working from home will connect to the Remote Desktop Gateway and App Controller will be running on the gateway. When a console connection is made the connection is then from the Gateway to the Hyper-V server.

    You could also consider the Remote Console feature in System Center 2012 R2 http://technet.microsoft.com/en-us/library/dn469415.aspx. This feature is designed to allow console connections from clients that are outside of the corporate network.

    Kind Regards

    Richard


    This posting is provided "AS IS" with no warranties, and confers no rights.

    Saturday, January 4, 2014 12:31 AM