Long time reader, first time poster. I have spent the last 2 hours researching an answer but none solve my specific error. Here goes:
Server 2008 Standard
Roles: DC, DNS, Network Policy & Access, Terminal Services, IIS
TS Gateway Mgr: Both TS_CAP & TS_RAP created & enabled w/ appropriate group memberships (NOTE: TS_CAP set for password (NTLM) only; TS_RAP allows user to any network resource & allows connections through any port)
TS RemoteApp Deployment Settings:
- TS Gateway tab: server name set to FQDN - asks for password (NTLM); "Use same user credentials for TS Gateway and terminal server" AND "Bypass TS Gateway server for local addresses" BOTH checked.
- Digital Signature tab: NOT signed with a digital signature
- Terminal Server tab: server name = FQDN; RDP port = 3389; checkmarks for both "Require server authentication" and "Show a remote desktop connection"; "Do not allow users to start unlisted programs" selected.
Certificates: Have purchased & installed GoDaddy cert for both Server & Client authentication - expires 9/9/2010
Router: Using a Motorola Netopia router with a one-to-one IP mapping (NAT) for public IP to internal private IP.
NOTE: In my efforts to resolve this issue, I've also created a Local Security Policy on the Gateway server: "Inbound Rules" under the "Protocols and Ports" tab - Protocol type=TCP; Local Port=443; Remote Port=All ports.
I pull up web browser from Vista machine (Vista Home Premium - not a member of domain), can browse to TS Web Access page - https://domain/ts. When remote apps appear, I click on one (i.e. Excel 2007) and immediately get the standard "A website wants to connect..." msg - I click "CONNECT". It then asks for authentication, however, it lists my local computer name as the Domain because I am obviously not a member of the domain where the TS Gateway server resides on. At this point, it doesn't matter WHAT username and password I input into this screen (whether actual 'domain' username & password or 'local') because the result is always the same - I get the error message "This computer can't connect to the remote computer because the Terminal Services Gateway server address is unreachable or incorrect. Type a valid server address."
My client needs this access for his employees asap.
Any ideas that seem obvious?