IT tutorials
 
Windows
 

Windows Server 2008 R2 Remote Desktop Services : Installing and Configuring Remote Desktop Services (part 7)

- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019
1/27/2014 1:03:56 AM

5. Installing and configuring Remote Desktop Gateway

The Remote Desktop Gateway provides the ability to securely connect to Remote Desktop applications from outside your corporate firewall without the need for a VPN connection. A Remote Desktop Gateway creates a SSL tunnel between the client computer and the gateway server. The Remote Desktop Session is then created within this tunnel. Figure 22 depicts a typical Remote Desktop Gateway deployment.

Figure 22. Example of a Remote Desktop Gateway deployment.

Notes From the Field

Remote Desktop Gateway firewall ports

The Remote Desktop Gateway will need port 443 opened inbound on your Internet firewall to allow connections from outside. Port 443 is the default port used for SSL services.


In the following exercise, we will go through the process of installing and configuring a Remote Desktop Gateway. For this exercise, we will be configuring a dedicated server for the Remote Desktop Gateway services.

1.
Open Server Manager on the server you wish to set up as the Remote Desktop Gateway.

2.
Select the Roles node. Then click the Add Role link. The Add Roles wizard will launch. Click Next to continue.

3.
Select the Remote Desktop Services role. Then click Next.

4.
At the Introduction to Remote Desktop Services page, click Next.

5.
Select the Remote Desktop Gateway on the role services selection page.

6.
When prompted, select the option Add Required Role Services (see Figure 23). This will add other roles required to support the Remote Desktop Gateway role service. This includes IIS components and the RPC/HTTP proxy feature. Click Next to continue.

Figure 23. Remote Desktop Gateway Required Role Services.

7.
You now need to select a certificate that will be used to provide SSL encryption for RDP connections. For a production deployment, this certificate should be requested from an internal PKI or a public certificate provider. For the purpose of this exercise, let us choose the option to create a self-signed certificate (see Figure 24). Click Next to continue.

Figure 24. Selecting Remote Desktop Gateway SSL certificate.

The next step of the wizard requires that you create a Remote Desktop Connection Authorization Policy (RD CAP) and Remote Desktop Resource Authorization Policy (RD RAP). The RD CAP determines which users are allowed to connect through the Remote Desktop Gateway. The RD RAP specifies which systems remote users can access when connecting through the Remote Desktop Gateway.

8.
Select the option to create authorization policies Now. Then click Next.

9.
Add the groups that will be associated with both the RD RAP and RD CAP policies (see Figure 25). In this exercise, let us use the Administrators group. After adding groups that you want to associate with authorization policies, click Next.

Figure 25. Selecting groups authorized to use Remote Desktop Gateway services.

10.
Enter a name for the RD CAP policy. In this exercise, we will use the default TS_CAP_01.

11.
Select the authentication methods you want to support. For our example, we will use the Password method. After selecting the authentication policy, click Next

to continue.
12.
Enter a name for the RD RAP policy (see Figure 26). We will use the default name TS_RAP_01.

Figure 26. Creating a RD RAP policy.

13.
You can now limit which computers users can connect to through the gateway by specifying a computer group within Active Directory. As best practice, you should create an Active Directory group and place computers that you want to allow gateway access to in that group. In our exercise, we will select the option Allow users to connect to any computer on the network. After selecting what users can connect to, click Next to continue.

Limiting Which Computers Users Can Access Through Gateway

14.
On the Network Policy and Access Services page, click Next.

15.
Ensure that the Network Policy Server option is selected, and then click Next. This is an additional component that is required to support the Remote Desktop Gateway.

16.
Click Next on the IIS overview page.

17.
Accept the currently selected IIS role services by click Next. Again these role services are required to support the Remote Desktop Gateway.

18.
Verify your installation settings on the summary page. Then click Install.

19.
When the installation is complete, click Close.

This completes the basic setup of the Remote Desktop Gateway. You can now configure a Remote Desktop client to connect to a server using the gateway. You can configure the Remote Desktop client to use the gateway by modifying the Connect From Anywhere settings on the advanced tab (see Figure 27).

Figure 27. Remote Desktop client Gateway settings.


Notes From the Field

Remote Desktop Gateway self-signed certificate

If you use the self-signed certificate for the Remote Desktop Gateway, you will need to manually add the certificate to the trusted certificates store on any clients connecting through the gateway. If a client does not trust the self-signed certificate, the connection will fail.


The Remote Desktop Gateway server is a great way to provide business partners or home users with access to secure remote sessions without the need for VPN. The use of the Remote Desktop Gateway also allows you to limit access to specific users and then can limit which computers those users can connect to. Additionally, the Remote Desktop Gateway can be integrated with NAP to ensure that the connecting computers comply with corporate security policies.

 
Others
 
- Windows Server 2008 R2 Remote Desktop Services : Installing and Configuring Remote Desktop Services (part 6)
- Windows Server 2008 R2 Remote Desktop Services : Installing and Configuring Remote Desktop Services (part 5)
- Windows Server 2008 R2 Remote Desktop Services : Installing and Configuring Remote Desktop Services (part 4)
- Windows Server 2008 R2 Remote Desktop Services : Installing and Configuring Remote Desktop Services (part 3)
- Windows Server 2008 R2 Remote Desktop Services : Installing and Configuring Remote Desktop Services (part 2)
- Windows Server 2008 R2 Remote Desktop Services : Installing and Configuring Remote Desktop Services (part 1)
- Windows Server 2008 R2 Remote Desktop Services : What is New in Remote Desktop Services
- Windows 7 : Working with Files - Search for a File
- Windows 7 : Working with Files - Restore a Deleted File
- Windows 7 : Working with Files - Delete a File
 
 
Top 10
 
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
Technology FAQ
- Is possible to just to use a wireless router to extend wireless access to wireless access points?
- Ruby - Insert Struct to MySql
- how to find my Symantec pcAnywhere serial number
- About direct X / Open GL issue
- How to determine eclipse version?
- What SAN cert Exchange 2010 for UM, OA?
- How do I populate a SQL Express table from Excel file?
- code for express check out with Paypal.
- Problem with Templated User Control
- ShellExecute SW_HIDE
programming4us programming4us