Remote Desktop Services High Availability Scenario, Juniper SA compatibility

Good day,

I am looking to deploy a new Remote Desktop Services 2008 R2 Farm. This farm would be accessible internally via WEB App without a RD Gateway, and I plan to avoid the need for a RDGW by publishing the RD Web Access page through a Juniper SA SSL VPN appliance similiar to how we deploy Outlook Web Access as a bookmark through the SA to field users.

I have 3 big questions about my scenario I would appreciate your input on;

1. Juniper says RDS RemoteApp is supported on our current firmware version- do you foresee an issues with browsing network drives from within a RemoteApp session using WSAM or JSAM? Should SSO work if I follow these instructions; http://blogs.msdn.com/b/rds/archive/2009/08/11/introducing-web-single-sign-on-for-remoteapp-and-desktop-connections.aspx 
 
2. Do I still need a RDGW if I am requiring all external users sign into the SSL VPN appliance first for authorization? What security holes or functionality can you forsee?

3. I plan to use Clustering on the Connection Broker servers, do you know if clustering is supported with RD Web Access servers, and if I can colocate these roles on the RDCB with clustering?

I plan to have 5 new servers; 2 hosting the RWDA, and RDCB roles clustered, and 3 RD Session Hosts in the farm with standard MS Apps. The target is 100 concurrent users.

Thank you for your assistance!



GrayconAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
DavidConnect With a Mentor PresidentCommented:
this is really one of those situations where you should contact their presales engineering, log it as an instance so they have record ... and have them provide details and config info to do this all.

sometimes best answer is to a vendor support engineer. this is one of them..
0
 
deimarkConnect With a Mentor Commented:
Have to agree with dlethe here bud.

With regards to the SA box, my initial thoughts are yes, it can be done but its definitely worth double checking with your support provider for all components here just to make sure that they will all play well together given your detailed questions above.

Besides, the support ticket will allow you to go into a lot more details about your installation which it is unwise to post here.
0
 
deimarkCommented:
Not really an appropriate close reason here.

A question was asked and then answered, its not our fault if he asks a complex question that he gets a complex answer.
0
 
DavidPresidentCommented:
Not only that, but technically he received the correct answer.   He specifically asked for "input" on these issues.

Input was to get a support ticket and work with manufacturer directly, as due to the nature of the question, it necessitates hands-on engineering support with the manufacturer.  Going into this, the author clearly thought the nature of the problem was simple enough that he could ask a 3-part question and get the right answer and move on.

Now author has been educated, thank's to expert advice, and is likely doing just that.

Points should be split between experts who responded.
0
 
deimarkCommented:
Agree with dlethe here

Split points betyween myself and dlethe

Comments 34214580 and 34214867
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.