TS Gateway and RDP

artanyis
Ok, this should have been simple but I'm missing something and am about to throw a server into the bathtub. Please help me.

Here's the problem, I have a 2008R2 server with TS Gateway. I have created an SSL certificate and loaded it onto the client, but all I ever get is "Your computer can't connect because the Remote Desktop Gateway server address is unreachable or incorrect."

I cannot find the problem; local RDP works without the TS Gateway, but as soon as I install the role RDP stops altogether. I am at a complete loss here.

Had I managed to configure the SSL cert wrong it would give me either a server mismatch error or an invalid certificate error.

When I initiate the connection it thinks a while, then asks for username and password, then thinks some more, then gives me the message.
    robo_dev

    Is this all local, or is this over the Internet/WAN through a firewall?

    Can you ping the server IP address from the client?

    Are your clients trying to hit the server with a DNS name or an IP address?

    If using DNS, you may need an entry in the local hosts file on the TSGateway box. The external DNS name the clients are trying to reach needs to be associated with the internal IP address of the server.

    Note that there are group policy settings for TS Gateway, especially the "Enable Connections Through TS Gateway" policy, which may be your issue, depending on your network topology. See the link below on GP for TS:
    http://technet.microsoft.com/en-us/library/cc731264%28WS.10%29.aspx

    artanyis

    The DHCP, DNS, and TS Gateway are all the same machine. There is no physical firewall device other than the VERY basic router that is connecting them to the ISP. It's a new server setup so no additional software has been installed. I currently have the Windows Firewall off as well, but before trying to just shut it off entirely I made sure the exceptions were there.

    Both local and remote do not work, hence the problem, my customer needs at least 1 remote client to be able to connect.

    I'm checking into the policies now, but I had taken a look through them before and didn't see anything out of place.

    artanyis

    Okay, so we removed the TS Gateway service in the process of finding and repairing another major issue in this cursed machine. On the plus side it turns out that we will not need it; a simple VPN for only about 5 clients and a single remote admin RDP is all that is needed. Thanks for your help anyway.
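
The checks discussed in this thread (name resolution, reachability, and whether the certificate matches the gateway name), run from the client in one pass. This is an added PowerShell example, not part of the original thread; `rdgw.example.com` is a constructed placeholder, the function name is hypothetical, and port 443 assumes the gateway's default HTTPS listener.

```powershell
# Added example: run on the client. 'rdgw.example.com' is a constructed placeholder
# for the gateway name entered in the RDP client's gateway settings.
function Test-GatewayEndpoint {
    param([string]$Name = 'rdgw.example.com', [int]$Port = 443)

    $r = @{ Name = $Name; Addresses = @(); TcpOpen = $false; CertSubject = $null
            CertExpires = $null; NameMatches = $false; ChainTrusted = $false }

    # 1. Does the name resolve, and to the address you expect (internal vs. external)?
    try {
        $r.Addresses = @([System.Net.Dns]::GetHostAddresses($Name) |
                         ForEach-Object { $_.IPAddressToString })
    } catch { return New-Object PSObject -Property $r }

    # 2. Is TCP 443 reachable? The gateway carries RDP inside HTTPS.
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $client.Connect($Name, $Port)
        $r.TcpOpen = $true

        # 3. TLS handshake. The callback accepts any certificate so the handshake
        #    completes and the policy errors can be reported instead of thrown.
        #    Diagnosis only: no credentials or data are sent over this stream.
        $state = @{ Errors = 0 }
        $cb = [System.Net.Security.RemoteCertificateValidationCallback]{
            param($s, $cert, $chain, $policyErrors)
            $state.Errors = [int]$policyErrors
            $true
        }
        $ssl = New-Object System.Net.Security.SslStream -ArgumentList $client.GetStream(), $false, $cb
        $ssl.AuthenticateAsClient($Name)

        $x = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $ssl.RemoteCertificate
        $r.CertSubject  = $x.Subject
        $r.CertExpires  = $x.NotAfter
        $mismatch = [int][System.Net.Security.SslPolicyErrors]::RemoteCertificateNameMismatch
        $chainErr = [int][System.Net.Security.SslPolicyErrors]::RemoteCertificateChainErrors
        $r.NameMatches  = ($state.Errors -band $mismatch) -eq 0
        $r.ChainTrusted = ($state.Errors -band $chainErr) -eq 0
    } catch {
        Write-Warning $_.Exception.Message   # refused connection or failed handshake
    } finally {
        $client.Close()
    }
    New-Object PSObject -Property $r
}

Test-GatewayEndpoint -Name 'rdgw.example.com'
```

An empty `Addresses` list or `TcpOpen = False` points at DNS or the network path; `NameMatches` or `ChainTrusted` being `False` points at the certificate or the client's trust store.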
