Applies to: Windows Server 2012 and 2012 R2
For any RDS farm, there is a very good chance users will be accessing the farm from a remote location outside of the corporate network. When doing so, it is critical to secure their connection, especially when corporate data is being accessed. In order to secure a user’s connection into a RDS farm, a RD Gateway server will be required. The RD Gateway enables authorized remote users to connect to resources in an internal corporate or private network, from any Internet-connected device that can run the Remote Desktop Connection (RDC) client. The network resources can be RD Session Host servers, RD Session Host servers running RemoteApp programs, or computers with Remote Desktop enabled.
The following will cover the steps needed in deploying a RD Gateway Server into a 2012 / 2012R2 RDS farm. Before deploying the RD Gateway Server, the RDS farm should already be built and configured. Please check out the following for more information on deploying a 2012 / 2012R2 Remote Desktop Services (RDS) farm.Requirements: Existing 2012 RDS Farm SSL Certificate along with its private key. Designated domain joined Windows 2012 / 2012 R2 server
Within Server Manager, highlight the Overview section of the Remote Desktop Services node. Inside the deployment section, click on the RD Gateway button.
A wizard will come up which will ask you to select the RD Gateway server. Find the designated server, add it, and hit next. Here our designated server is RDGWY01.
It will then ask for the FQDN which will be used to connect to the RD Gateway Server. This must match the FQDN listed on the SSL certificate which will be used for the deployment. Enter the FQDN and hit Next. In our example, our SSL certificate and RD Gateway FQDN is remote.demolab.int.
Confirm the settings and hit Add.
Once completed, click on the configure certificate link in order to install the SSL certificate.
On the Manage Certificate window, highlight the RD Gateway Role service and click on the button “Select existing certificate”.
The certificate we will be using for our RD Gateway is located in the directory \\dc01\d$\Certs. Click on the browse button.
Locate and select the certificate and hit the open button.
Enter the password for the certificate and check the box “Allow the Certificate to be added to the Trusted Root Certification Authorities store on the destination computers”. Hit OK.
Back on the deployment properties screen, hit apply.
Once it is applied successfully, close the deployment properties window and the RD Gateway wizard.
Congratulations! You have successfully deployed the RD Gateway server for your 2012 /2012 R2 Remote Desktop Farm.