Was this page helpful?
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All

Deploying Remote Desktop Gateway Step-by-Step Guide

Updated: June 24, 2009

Applies To: Windows 7, Windows Server 2008 R2

This step-by-step guide walks you through the process of setting up a working Remote Desktop Session Host (RD Session Host) server accessible by using Remote Desktop Gateway (RD Gateway) in a test environment. During this process, you will create a test deployment that includes the following components:

  • An RD Gateway server

  • An RD Session Host server

  • A Remote Desktop Connection client computer

This guide assumes that you previously completed the steps in the Installing Remote Desktop Session Host Step-by-Step Guide (http://go.microsoft.com/fwlink/?LinkId=147292), and that you have already deployed the following components:

  • An RD Session Host server

  • A Remote Desktop Connection client computer

  • An Active Directory Domain Services domain controller

This guide includes the following topics:

The goal of RD Gateway is to enable authorized remote users to connect to resources on an internal corporate or private network, from any Internet-connected device that can run the Remote Desktop Connection (RDC) client. The network resources can be RD Session Host servers, RD Session Host servers running RemoteApp programs, or computers with Remote Desktop enabled.

This guide does not provide the following:

  • An overview of Remote Desktop Services.

  • Guidance for setting up Active Directory Domain Services or an RD Session Host server. This information can be found in the Installing Remote Desktop Session Host Step-by-Step Guide (http://go.microsoft.com/fwlink/?LinkId=147292). For a downloadable version of this document, see the Installing Remote Desktop Session Host Step-by-Step Guide (http://go.microsoft.com/fwlink/?LinkId=147293) in the Microsoft Download Center.

    If you have previously configured the computers in the Installing Remote Desktop Session Host Step-by-Step Guide, you should repeat the steps in that guide with new installations.

  • Guidance for setting up a perimeter network or firewall rules. This information can be found in the RD Gateway deployment in a perimeter network & Firewall rules (http://go.microsoft.com/fwlink/?LinkId=210571).

  • Complete technical reference for Remote Desktop Services.

RD Gateway uses the Remote Desktop Protocol (RDP) over HTTPS to help establish a secure, encrypted connection between remote users on the Internet and the internal network resources on which their productivity applications run.

To function correctly, RD Gateway requires several role services and features to be installed and running. When you use Server Manager to install the RD Gateway role service, the following additional roles, role services, and features are automatically installed and started, if they are not already installed:

  • Remote procedure call (RPC) over HTTP Proxy

  • Web Server (IIS) [Internet Information Services]

    IIS must be installed and running for the RPC over HTTP Proxy feature to function.

  • Network Policy and Access Services

We recommend that you first use the steps provided in this guide in a test lab environment. Step-by-step guides are not necessarily meant to be used to deploy Windows Server® features without additional deployment documentation and should be used with discretion as a stand-alone document.

Upon completion of this step-by-step guide, you will have an RD Session Host server that users can connect to with the Remote Desktop client computer by using RD Gateway. You can then test and verify this functionality by connecting to the RD Session Host server by using RD Gateway from the Remote Desktop client as an authorized remote user.

The test environment described in this guide includes four computers connected to a private network using the following operating systems, applications, and services.


Computer name Operating system Applications and services


Windows Server 2008 R2

Active Directory Domain Services (AD DS), DNS


Windows Server 2008 R2

RD Session Host


Windows 7

Remote Desktop Connection


Windows Server 2008 R2

RD Gateway


The computers form a private network and are connected through a common hub or Layer 2 switch. This step-by-step exercise uses private addresses throughout the test lab configuration. The private network ID is used for the network. The domain controller is named CONTOSO-DC for the domain named contoso.com. The following figure shows the configuration of the test environment.

Remote Desktop Gateway Network Diagram

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

© 2015 Microsoft