jump to navigation

RD Gateway/Web Access Outside the Firewall « Bitz March 2, 2011

Posted by John Ruby in Solutions, Troubleshooting & Knowledge Bases.
trackback

 

RD Gateway/Web Access Outside the Firewall « Bitz

RD Gateway/Web Access Outside the Firewall

WebAccessAndGateway

I recently had the opportunity to work with one of Microsoft Windows Server 2008 R2’s neatest features: Remote Desktop Gateway (RD Gateway) and Remote Desktop Web Access (RD Web Access). If you aren’t familiar with these features, check out a brief summary here.

The setup is fairly straightforward, as outlined here and here. However, I did run into an issue that slowed me down a bit. The solution to this was not documented in the step-by-step guides or on the Microsoft Technet website. If anyone knows otherwise and I’ve overlooked this, as always, please provide the appropriate links in the comments.

Problem: Not able to connect to a Remote Desktop or Remote App program from outside the firewall. Inside the firewall, everything worked like a charm. The network firewall (Cisco router) was configured to allow the appropriate traffic (port 443). Disabling the Windows Server 2008 R2 firewall did not make a difference.

Auth Error

Solution part 1:

Add computer account to domain “IAS and RAS Servers” group

IASRAS Group Membership

Solution part 2:

You should also be sure to configure the default Remote Desktop Gateway server for RD Web Access. Otherwise you could run into issues with the RD Web Access not knowing which RD Gateway to use (even if both roles are installed on the same server!).

  1. Open up “IIS Admin” console from the “Administrative Tools” menu.
  2. Navigate to the default web site and configure the “Application Settings” for “Default Web Site\RDWeb\Pages“.
  3. Change the following setting:

DefaultTSGateway” = [fqdn of Internet accessible TS Gateway]

Note: make sure this is also the server name listed on your SSL certificate.

DefaultTSGateway_AppSettings

Advertisements

Comments»

No comments yet — be the first.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: