Deploying Remote Desktop Gateway Step-by-Step Guide

Applies To: Windows 7, Windows Server 2008 R2

About this guide

This step-by-step guide walks you through the process of setting up a working Remote Desktop Session Host (RD Session Host) server accessible by using Remote Desktop Gateway (RD Gateway) in a test environment. During this process, you will create a test deployment that includes the following components:

  • An RD Gateway server

  • An RD Session Host server

  • A Remote Desktop Connection client computer

This guide assumes that you previously completed the steps in the Installing Remote Desktop Session Host Step-by-Step Guide (https://go.microsoft.com/fwlink/?LinkId=147292), and that you have already deployed the following components:

  • An RD Session Host server

  • A Remote Desktop Connection client computer

  • An Active Directory Domain Services domain controller

This guide includes the following topics:

The goal of RD Gateway is to enable authorized remote users to connect to resources on an internal corporate or private network, from any Internet-connected device that can run the Remote Desktop Connection (RDC) client. The network resources can be RD Session Host servers, RD Session Host servers running RemoteApp programs, or computers with Remote Desktop enabled.

What this guide does not provide

This guide does not provide the following:

Important

If you have previously configured the computers in the Installing Remote Desktop Session Host Step-by-Step Guide, you should repeat the steps in that guide with new installations.

Technology review

RD Gateway uses the Remote Desktop Protocol (RDP) over HTTPS to help establish a secure, encrypted connection between remote users on the Internet and the internal network resources on which their productivity applications run.

To function correctly, RD Gateway requires several role services and features to be installed and running. When you use Server Manager to install the RD Gateway role service, the following additional roles, role services, and features are automatically installed and started, if they are not already installed:

  • Remote procedure call (RPC) over HTTP Proxy

  • Web Server (IIS) [Internet Information Services]

    IIS must be installed and running for the RPC over HTTP Proxy feature to function.

  • Network Policy and Access Services
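To confirm that the components listed above are installed and started after you add the RD Gateway role service, the following PowerShell check can be run on the RD Gateway server. It is an added example, not part of the original guide. The Server Manager feature names, the Windows service names, and the function name Test-RDGatewayPrerequisite are assumptions that do not appear in this guide.

```powershell
# Run in an elevated PowerShell session on the RD Gateway server (RDG-SRV in this guide).
Import-Module ServerManager

# Components named in the guide, mapped to Server Manager feature names and,
# where one applies, the Windows service expected to be running.
# Feature and service names are assumptions; they are not listed in the guide.
$required = @(
    @{ Display = 'RD Gateway';                         Feature = 'RDS-Gateway';         Service = 'TSGateway' },
    @{ Display = 'RPC over HTTP Proxy';                Feature = 'RPC-over-HTTP-Proxy'; Service = $null },
    @{ Display = 'Web Server (IIS)';                   Feature = 'Web-Server';          Service = 'W3SVC' },
    @{ Display = 'Network Policy and Access Services'; Feature = 'NPAS';                Service = 'IAS' }
)

function Test-RDGatewayPrerequisite {
    param([hashtable[]]$Items)
    foreach ($item in $Items) {
        # Installed state as reported by Server Manager.
        $feature   = Get-WindowsFeature -Name $item.Feature
        $installed = ($feature -ne $null) -and $feature.Installed

        # Service state, when the component has a service to check.
        $state = 'n/a'
        if ($item.Service) {
            $svc   = Get-Service -Name $item.Service -ErrorAction SilentlyContinue
            $state = if ($svc) { $svc.Status.ToString() } else { 'Missing' }
        }

        New-Object PSObject -Property @{
            Component = $item.Display
            Feature   = $item.Feature
            Installed = $installed
            Service   = $item.Service
            State     = $state
        }
    }
}

$report = Test-RDGatewayPrerequisite -Items $required
$report | Format-Table Component, Feature, Installed, Service, State -AutoSize

# Flag anything that is not installed, or whose service is not running.
$failed = $report | Where-Object { -not $_.Installed -or ($_.Service -and $_.State -ne 'Running') }
if ($failed) {
    Write-Warning ("Not ready: " + (($failed | ForEach-Object { $_.Component }) -join ', '))
}
```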

Scenario: Deploying Remote Desktop Gateway

We recommend that you first use the steps provided in this guide in a test lab environment. Step-by-step guides are not necessarily meant to be used to deploy Windows Server® features without additional deployment documentation and should be used with discretion as a stand-alone document.

Upon completion of this step-by-step guide, you will have an RD Session Host server that users can connect to with the Remote Desktop client computer by using RD Gateway. You can then test and verify this functionality by connecting to the RD Session Host server by using RD Gateway from the Remote Desktop client as an authorized remote user.

The test environment described in this guide includes four computers connected to a private network using the following operating systems, applications, and services.

Computer name   Operating system         Applications and services
CONTOSO-DC      Windows Server 2008 R2   Active Directory Domain Services (AD DS), DNS
RDSH-SRV        Windows Server 2008 R2   RD Session Host
CONTOSO-CLNT    Windows 7                Remote Desktop Connection
RDG-SRV         Windows Server 2008 R2   RD Gateway

The computers form a private network and are connected through a common hub or Layer 2 switch. This step-by-step exercise uses private addresses throughout the test lab configuration. The private network ID 10.0.0.0/24 is used for the network. The domain controller is named CONTOSO-DC for the domain named contoso.com. The following figure shows the configuration of the test environment.