RemoteApp error msg - TS Gateway server address is unreachable or incorrect.

Posted on 2010-01-05
Last Modified: 2013-11-21
Long time reader, first time poster.  I have spent the last 2 hours researching an answer but none solve my specific error. Here goes:

Server 2008 Standard
Roles: DC, DNS, Network Policy & Access, Terminal Services, IIS

TS Gateway Mgr: Both TS_CAP & TS_RAP created  & enabled w/ appropriate group memberships (NOTE: TS_CAP set for password (NTLM) only; TS_RAP allows user to any network resource & allows connections through any port)

TS RemoteApp Deployment Settings:
- TS Gatewaytab: server name set to FQDN - asks for password (NTLM); "Use same user credentials for TS Gateway and terminal server" AND "Bypass TS Gateway server for local addresses" BOTH checked.
- Digital Signature tab: NOT signed witha digital signature
- Terminal Server tab: server name = FQDN; RDP port = 3389; checkmarks for both "Require server authentication" and "Show a remote desktop connection"; "Do not allow users to start unlisted programs" selected.

Certificates: Have purchased & installed GoDaddy cert for both Server & Client authentication - expires 9/9/2010

Router: Using a Motorola Netopia router with a one-to-one IP mapping (NAT) for pulic IP to internal private IP.

NOTE: In my efforts to resolve this issue, I've also created a Local Security Policy on the Gateway server: "Inbound Rules" under the "Protocols and Ports tab - Protocol type=TCP; Local Port=443;  Remote Port=All ports.

I pull up web browser from Vista machine (Vista Home Premium - not a member of domain), can browse to TS Web Access page - https://domain/ts.  When remote apps appear, I click on one (i.e. Excel 2007) and immediately get the standard "A website wants to connect..." msg - I click "CONNECT".  It then asks for authentication, however, it lists my local computer name as the Domain because I am obviously not a member of the domain where the TS Gateway server resides on.  At this point, it doesn't matter WHAT username and password I input into this screen (whether actual 'domain' username & password or 'local') because the result is always the same - I get the error message "This computer can't connect to the remote computer because the Terminal Services Gateway server address is unreachable or incorrect.  Type a valid server address."

My client needs this access for his employees asap.
Any ideas that seem obvious?
Question by:CoalCreekGeek
    LVL 4

    Accepted Solution

    You could try the following.
    In the local hosts file on the TSGateway box put an entry for the external DNS name the clients are trying to reach but for the IP address put the internal address.

    Author Comment

    Thanks... I'm going to remote in tonight to try that. Thanks for the input. It seems that maybe I've posted "too much" information here because I've had trouble getting an answer to this.

    Featured Post

    Shouldn't all users have the same email signature?

    You wouldn't let your users design their own business cards, would you? So, why do you let them design their own email signatures? Think of the damage they could be doing to your brand reputation! Choose the easy way to manage set up and add email signatures for all users.

    Join & Write a Comment

    I was asked if I could set up a fax machine so that incoming faxes were delivered to people's Exchange inboxes and so that they could send faxes from their desktops without needing to print the document first.  I knew it was possible but I had no id…
    To effectively work with Diskpart on a Server Core, it is necessary to write some small batch script's, because you can't execute diskpart in a remote powershell session. To get startet, place the Diskpart batch script's into a share on your loca…
    This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
    This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now