Channel: Remote Desktop Services (Terminal Services) forum

2012R2 RDWeb/Gateway through WAP, client is trying to connect rdp to the broker, not to the session hosts.

I'm trying to configure a new 2012R2 RD Deployment.

I have a WAP in the DMZ (not domain joined). I read some articles about SSO and it seems not to work completely, so I decided to go with a pass-through setup (I don't have 2nd factor authentication yet).

I have set up an RD Gateway, connection broker, and web instance on one server (domain joined).

For testing I added two session hosts (no remote apps yet).

I can successfully log in to the RDWeb (from inside and through the WAP).

When I try to open the RDP connections shown in the RDWeb through the WAP, I see that the client tries to RDP directly to the session broker. From inside it skips the gateway and it works fine.

I see the same behaviour in the RD Gateway Manager under Monitoring. I added the connection broker resource to the rules. But as the user can't RDP to the broker (which is hosting the gateway and RDWeb too), it never succeeds.

I can use the mstsc to configure the gateway manually and connect directly to the session hosts.

What could be the issue?

DNS external: only rdgw.domain.tld to the WAP

DNS internal: rdgw.domain.tld to the IP of the server hosting all the roles, sessionhosts.domain.tld to the session hosts.

The RDP file I get from the rdweb:

redirectclipboard:i:1
redirectprinters:i:1
redirectcomports:i:0
redirectsmartcards:i:0
devicestoredirect:s:
drivestoredirect:s:*
redirectdrives:i:1
session bpp:i:32
prompt for credentials on client:i:1
server port:i:3389
allow font smoothing:i:1
promptcredentialonce:i:1
videoplaybackmode:i:0
audiocapturemode:i:0
gatewayusagemethod:i:2
gatewayprofileusagemethod:i:1
gatewaycredentialssource:i:0
full address:s:rdgw.domain.tld
gatewayhostname:s:rdgw.domain.tld
workspace id:s:vmrdgw1.domain.tld
use redirection server name:i:1
loadbalanceinfo:s:tsv://MS Terminal Services Plugin.1.SAP
use multimon:i:1
alternate full address:s:rdgw.domain.tld

I found an old comment about the same issue on: http://thewolfblog.com/2014/02/02/configuring-the-rd-gateway-server-for-an-rds-farm-with-ha-enabled-for-the-rd-brokers/ (Comment #3)
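
The following Python parses the name:type:value lines of an RDP file like the one above and reports the host named as the RDP target, the gateway, and the gateway usage mode. It is an added example, not part of the original post: the function names are hypothetical, the sample lines are copied from the post, and the gateway-usage descriptions follow Microsoft's documented values for gatewayusagemethod.

```python
# Added example: summarize the connection route described by an .rdp file.
# Function names are hypothetical; sample lines are copied from the post.
GATEWAY_USAGE = {  # documented meanings of gatewayusagemethod
    0: "do not use an RD Gateway",
    1: "always use an RD Gateway",
    2: "use an RD Gateway only if a direct connection cannot be made",
    3: "use the default RD Gateway settings",
    4: "do not use an RD Gateway, bypass gateway for local addresses",
}

SAMPLE_RDP = """\
gatewayusagemethod:i:2
gatewayprofileusagemethod:i:1
full address:s:rdgw.domain.tld
gatewayhostname:s:rdgw.domain.tld
use redirection server name:i:1
loadbalanceinfo:s:tsv://MS Terminal Services Plugin.1.SAP
devicestoredirect:s:
"""


def parse_rdp(text):
    """Return {name: value}; type 'i' values become int, others stay str."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        parts = line.split(":", 2)  # the value may itself contain ':' (tsv://)
        if len(parts) != 3:
            raise ValueError(f"not a name:type:value line: {raw!r}")
        name, kind, value = parts
        settings[name.lower()] = int(value) if kind == "i" else value
    return settings


def connection_route(settings):
    """Report where the file sends the client and how the gateway is used."""
    mode = settings.get("gatewayusagemethod")
    return {
        "rdp_target": settings.get("full address"),
        "gateway": settings.get("gatewayhostname"),
        "gateway_usage": GATEWAY_USAGE.get(mode, f"not set or unknown ({mode})"),
        "use_redirection_server_name":
            settings.get("use redirection server name") == 1,
        "load_balance_info": settings.get("loadbalanceinfo"),
    }


if __name__ == "__main__":
    for key, value in connection_route(parse_rdp(SAMPLE_RDP)).items():
        print(f"{key}: {value}")
```
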

