Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Remote Desktop Services High Availability Scenario, Juniper SA compatibility

Posted on 2010-11-25
7
Medium Priority
?
3,134 Views
Last Modified: 2012-05-10
Good day,

I am looking to deploy a new Remote Desktop Services 2008 R2 Farm. This farm would be accessible internally via WEB App without a RD Gateway, and I plan to avoid the need for a RDGW by publishing the RD Web Access page through a Juniper SA SSL VPN appliance similiar to how we deploy Outlook Web Access as a bookmark through the SA to field users.

I have 3 big questions about my scenario I would appreciate your input on;

1. Juniper says RDS RemoteApp is supported on our current firmware version- do you foresee an issues with browsing network drives from within a RemoteApp session using WSAM or JSAM? Should SSO work if I follow these instructions; http://blogs.msdn.com/b/rds/archive/2009/08/11/introducing-web-single-sign-on-for-remoteapp-and-desktop-connections.aspx 
 
2. Do I still need a RDGW if I am requiring all external users sign into the SSL VPN appliance first for authorization? What security holes or functionality can you forsee?

3. I plan to use Clustering on the Connection Broker servers, do you know if clustering is supported with RD Web Access servers, and if I can colocate these roles on the RDCB with clustering?

I plan to have 5 new servers; 2 hosting the RWDA, and RDCB roles clustered, and 3 RD Session Hosts in the farm with standard MS Apps. The target is 100 concurrent users.

Thank you for your assistance!



0
Comment
Question by:Graycon
  • 3
  • 2
7 Comments
 
LVL 47

Accepted Solution

by:
David earned 1000 total points
ID: 34214580
this is really one of those situations where you should contact their presales engineering, log it as an instance so they have record ... and have them provide details and config info to do this all.

sometimes best answer is to a vendor support engineer. this is one of them..
0
 
LVL 18

Assisted Solution

by:deimark
deimark earned 1000 total points
ID: 34214867
Have to agree with dlethe here bud.

With regards to the SA box, my initial thoughts are yes, it can be done but its definitely worth double checking with your support provider for all components here just to make sure that they will all play well together given your detailed questions above.

Besides, the support ticket will allow you to go into a lot more details about your installation which it is unwise to post here.
0
 
LVL 18

Expert Comment

by:deimark
ID: 34232005
Not really an appropriate close reason here.

A question was asked and then answered, its not our fault if he asks a complex question that he gets a complex answer.
0
 
LVL 47

Expert Comment

by:David
ID: 34232420
Not only that, but technically he received the correct answer.   He specifically asked for "input" on these issues.

Input was to get a support ticket and work with manufacturer directly, as due to the nature of the question, it necessitates hands-on engineering support with the manufacturer.  Going into this, the author clearly thought the nature of the problem was simple enough that he could ask a 3-part question and get the right answer and move on.

Now author has been educated, thank's to expert advice, and is likely doing just that.

Points should be split between experts who responded.
0
 
LVL 18

Expert Comment

by:deimark
ID: 34234833
Agree with dlethe here

Split points betyween myself and dlethe

Comments 34214580 and 34214867
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
A procedure for exporting installed hotfix details of remote computers using powershell
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question