From owner-freebsd-questions@FreeBSD.ORG Wed Jul 23 03:59:58 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6C4CA106567E for ; Wed, 23 Jul 2008 03:59:58 +0000 (UTC) (envelope-from prvs=pschmehl_lists=0832cde34@tx.rr.com) Received: from ip-relay-001.utdallas.edu (ip-relay-001.utdallas.edu [129.110.20.111]) by mx1.freebsd.org (Postfix) with ESMTP id 451B08FC1D for ; Wed, 23 Jul 2008 03:59:57 +0000 (UTC) (envelope-from prvs=pschmehl_lists=0832cde34@tx.rr.com) X-Group: RELAYLIST X-IronPort-AV: E=Sophos;i="4.31,235,1215406800"; d="scan'208";a="4896227" Received: from smtp3.utdallas.edu ([129.110.20.110]) by ip-relay-001.utdallas.edu with ESMTP; 22 Jul 2008 22:59:56 -0500 Received: from [192.168.2.102] (unknown [10.40.1.19]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp3.utdallas.edu (Postfix) with ESMTPSA id 6FCAD23DDF for ; Tue, 22 Jul 2008 22:59:57 -0500 (CDT) Date: Tue, 22 Jul 2008 22:59:55 -0500 From: Paul Schmehl To: User Questions Message-ID: <557AE3211DA28377A2794AA5@Macintosh.local> In-Reply-To: <4886A3CC.4020905@ibctech.ca> References: <48867D4A.2050605@vfemail.net> <8efc42630807221817x873729dg9f4dc18c56865f48@mail.gmail.com> <48869178.60808@ibctech.ca> <518F3B961F96608C4372A995@Macintosh.local> <4886A3CC.4020905@ibctech.ca> X-Mailer: Mulberry/4.0.8 (Mac OS X) X-Munged-Reply-To: To reply - figure it out MIME-Version: 1.0 Content-Type: multipart/signed; micalg=sha1; protocol="application/pkcs7-signature"; boundary="==========CBA91634ACA61897E946==========" X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Re: connecting to a secured Windows 2003 terminal server X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Paul Schmehl List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Jul 2008 03:59:58 -0000 --==========CBA91634ACA61897E946========== Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: quoted-printable Content-Disposition: inline --On July 22, 2008 11:21:48 PM -0400 Steve Bertrand =20 wrote: > Paul Schmehl wrote: > >> To the OP - here's what I get when testing from a FreeBSD box to one of >> our servers: >> >> pauls@utd65257# telnet hostname.utdallas.edu 3389 > >> Connection closed by foreign host. > > Does your server have SSL enabled? The OP stated that prior to upgrade, > the box did NOT have SSL enabled. > RDP has three types of encryption capability: RDP (native), Negotiate and=20 SSL. The default is RDP, which uses RSA keys. To setup SSL you also have = to setup TLS and exchange certs. The OP *may* have that setup. I don't=20 recall. Ours use the native RDP encryption layer with RSA keys and are=20 set to "Client compatible", which means they will use the highest key=20 strength possible - either 56 bits or 128 bits. I think most, if not all, = of our clients use 128 bits, but I haven't verified that. Paul Schmehl If it isn't already obvious, my opinions are my own and not those of my employer. --==========CBA91634ACA61897E946==========--