TS Gateway and NLB
I am about to deploy a terminal services solution and need some guidance. I will have 4 Server 2008 terminal servers and they will be using NLB for load balancing. What I would like to do is install a virtual machine as well and install TS Gateway on it.
It is my understanding that TS Gateway will produce a webpage over SSL where users can login, and then type in the name or virtual IP of the NLB Farm and get directed to one of the 4 Terminal Servers. I would then have to assign a Public IP on my Cisco ASA firewall and NAT that address to the internal IP of the TS Gateway server.
Is this correct? Does anyone see anything wrong with this, or any suggestions?
It is my understanding that TS Gateway will produce a webpage over SSL where users can login, and then type in the name or virtual IP of the NLB Farm and get directed to one of the 4 Terminal Servers. I would then have to assign a Public IP on my Cisco ASA firewall and NAT that address to the internal IP of the TS Gateway server.
Is this correct? Does anyone see anything wrong with this, or any suggestions?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Will this same scenario work if I am NOT publishing Apps, but delivering the entire desktop?
I setup a TS Farm deployment a few months ago and ran into this issue. I installed and configured 4 Terminal Servers. Configured NLB on them, and configured a Session Broker as well. I then created a NAT in my firewall that sent all inbound RDP requests destine for the dedicated public IP address to the internal virtual IP for the farm. Because my firewall is a stateful, connection-oriented device it would not maintain connections from outside into the internal Vitual IP because of the NLB sharing IP's and MAC's. My question is will the scenario above fix this issue, and if so how?