If you’re like most people, you probably have multiple terminals open on your computer. You might have one in the foreground and one in the background, or you might have multiple terminals open at the same time and use different ports for each. If you want to run multiple terminal servers on a single IP address, there are a few things you need to do. First, create a new network interface and name it “terminal1”. Then create a new port on that interface and name it “terminal1”. Finally, set up an appropriate routing table so that all traffic going through terminal1 goes through terminal2 instead of going out to the internet. Now let’s take a look at how to do this. First, we’ll create a file called “config.txt” in our home directory and add the following lines:
Terminal Server Configuration # # This file is used by nano to configure your terminal server # # If you don’t use nano, then these lines will not work # export TERM=xterm export PORT=11111 export TMPDIR=/tmp/terminal1 export TMPDIR_NO_AUTO_CREATE=true
Next we’ll need to start our terminal server. We can do this by running the following command:
service terminaltest start
In our article, we are going to cover handling multiple terminal servers (using the RDP protocol which runs on port 3389), again, in a network which only has a single public IP address. In our environment, we use a DD-WRT based router (flashed on a $25 Linksys router) which acts as both our firewall and router. If you are not using a DD-WRT based router, the same method may be available on your firewall/router. Additionally, we cover an alternate method which should work in any environment.
Configuring Port Forwarding
One of the nice features of port forwarding in DD-WRT is the ability to seamlessly apply port “remapping”, that is the external port the client connects to at the router is mapped to an alternate port which is sent to the target machine in your network. The advantage to this method is you do not have to make any configuration changes on the server machines since the traffic is sent to it using the default port.
In the example below, there are 3 terminal server/RDP servers inside the network:
Local 192. 168. 16. 21 (rdp_primary) runs Small Business Server 2008 Local 192. 168. 16. 24 (rdp_2) runs Windows Server 2003 Standard Local 192. 168. 16. 25 (rdp_3) runs Windows Server 2008 Standard
In the DD-WRT control panel under the NAT/QoS > Port Forwarding tab you can configure port remapping. In our example we are using the default RDP port (3389) to connect to ‘rdp_primary’ and using external ports 624 and 625 to route RDP traffic to ‘rdp_2’ and ‘rdp_3’ on the default port of 3389. Simply put, when traffic comes in to ports 624 or 625, the router automatically applies the translation which sends the data to ports 3389 on the target machines. The target server never knows the difference.
Connecting
The connections below show how the client would connect to desired server using the configuration settings above.
Connecting to the default RDP port (3389) routes to the Small Business Server 2008 machine.
Connecting to RDP using port 624 routes to the Windows Server 2003 Standard machine.
Connecting to RDP using port 625 routes to the Windows Server 2008 Standard machine.
Alternate Method
As an alternate to using port remapping, you configure each server machine to use a different RDP port by editing the following registry value and then rebooting the machine:
If you go this route, you must remember to configure port forwarding on your master firewall as well as update any local firewall rules (i.e. the Windows Firewall) running on the respective machine to allow the alternate port number.
After making these configuration changes, the end users would access the terminal servers running on the alternate port the same way illustrated above.
Conclusion
For our article, we used RDP as the example for illustrating how you can use port remapping eliminate non-standard configurations on your servers, but you can just as easily apply the same methodology for any other services such as HTTP or SMTP.
Links
DD-WRT Website
