This step-by-step guide walks you through the process of setting up a working Remote Desktop Session Host (RD Session Host) server accessible by using Remote Desktop Gateway (RD Gateway) in a test environment. During this process, you will create a test deployment that includes the following components:

• An RD Gateway server
  
  
• An RD Session Host server
  
  
• A Remote Desktop Connection client computer
  
  

This guide assumes that you previously completed the steps in the Installing Remote Desktop Session Host Step-by-Step Guide (http://go.microsoft.com/fwlink/?LinkId=147292), and that you have already deployed the following components:

• An RD Session Host server
  
  
• A Remote Desktop Connection client computer
  
  
• An Active Directory Domain Services domain controller
  
  

As you complete the steps in this guide, you will:

• Set up the necessary servers in the CONTOSO domain.
  
  
• Install and configure the RD Gateway server.
  
  
• Configure the Remote Desktop client for the RD Gateway server.
  
  
• Verify that the RD Gateway server is functioning correctly.
  
  

The goal of RD Gateway is to enable authorized remote users to connect to resources on an internal corporate or private network, from any Internet-connected device that can run the Remote Desktop Connection (RDC) client. The network resources can be RD Session Host servers, RD Session Host servers running RemoteApp programs, or computers with Remote Desktop enabled.

What this guide does not provide

RD Gateway uses the Remote Desktop Protocol (RDP) over HTTPS to help establish a secure, encrypted connection between remote users on the Internet and the internal network resources on which their productivity applications run.

To function correctly, RD Gateway requires several role services and features to be installed and running. When you use Server Manager to install the RD Gateway role service, the following additional roles, role services, and features are automatically installed and started, if they are not already installed:

• Remote procedure call (RPC) over HTTP Proxy
  
  
• Web Server (IIS) [Internet Information Services]
  
  IIS must be installed and running for the RPC over HTTP Proxy feature to function.
  
  
• Network Policy and Access Services
  
  

We recommend that you first use the steps provided in this guide in a test lab environment. Step-by-step guides are not necessarily meant to be used to deploy Windows Server® features without additional deployment documentation and should be used with discretion as a stand-alone document.

Upon completion of this step-by-step guide, you will have an RD Session Host server that users can connect to with the Remote Desktop client computer by using RD Gateway. You can then test and verify this functionality by connecting to the RD Session Host server by using RD Gateway from the Remote Desktop client as an authorized remote user.

The test environment described in this guide includes four computers connected to a private network using the following operating systems, applications, and services.

The computers form a private network and are connected through a common hub or Layer 2 switch. This step-by-step exercise uses private addresses throughout the test lab configuration. The private network ID 10.0.0.0/24 is used for the network. The domain controller is named CONTOSO-DC for the domain named contoso.com. The following figure shows the configuration of the test environment.