• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 819
  • Last Modified:

The relationship between Remote Desktop Services (rolls) and Windows SBS 2011

Hi All

Connecting to Windows SBS 2011 using IP address rather than FQDN.

Yes I can connect using “htpps://remote.domain-name.com/remote” in IE and with the Certificate package downloaded from the server and installed on the remote computer.

I can also connect by using “https://IPx.xxx.xxx.xxx/remote” but it will allow me to only go so far.   If I try to connect to the “Server” I eventually get “Your Computer can’t connect to the remote computer because the Remote Desktop Gateway server address requested and the certificate subject name do not Match”.

In my reading I came across lots of references to Remote Desktop Gateway and Terminal Server Gateway and that RD Gateway has replaced TS Gateway.

My question are   (Very simply put):

1 Is it still possible to connect to SBS 2011 using https://Ipx.xxx.xxx.xxx/remote the IP Address format.  It is very convenient.

2 I thought that TS Gateway involved setting up a “TS Session Host Server” and a separate Domain Controller would them control the connections from the external devices to it, maybe through a RD (TS) Gateway on the domain controller server.

3 In my reading I got the impression that the Roll of “Remote Desktop Services” on a Windows SBS 2011 server had relevance.  The question is, should one activate the “Remote Desktop Web Access” roll service, for example, on a SBS 2011 server. If so, is there any documentation addressing what roll services should be activated specifically regarding SBS 2011, please.

As you can see I am a bit confused, sorry about that.

Regards, Heber Mac Guinness


0
Heber_Mac_Guinness
Asked:
Heber_Mac_Guinness
1 Solution
 
Cliff GaliherCommented:
1) no, it is not. This is a restriction of the RD gateway technology that SBS relies on. If you stood up a standalone RDgateway or RSgateway in an enterprise network, it'd have the same restriction, do this is NOT unique to SVS.

2) RSgateway (now RDgateway) provides a means to tunnel RDP traffic without mapping individual ports. It is most commonly used to tunnel to multiple session host servers in enterprise deployments, but is increasingly common to see it used for remote VDI as well. For SBS, it is preconfigured and used to tunnel RDP traffic to end-user desktops via RWA. but regardless, the purpose of the role is the same...tunnel RDP.

3) in short, do not enable ANY RD roles on SBS. SBS preconfigured what it needs duringinitial install and via subsequent console wizards. Changing *any* RD roles breaks IIS and RWA.

-Cliff
0
 
Heber_Mac_GuinnessAuthor Commented:
Hi cqaliher

Thank you, for your reply.

As you may have gathered I an not really beyond the SBS scenario so your answers to 1 and 3 “no, it is not” and “do not enable any RD roles” are exactly what I needed.

Regarding question 2 I understand where you are coming from.

Again thanks for your reply.

Regards Heber
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now