Remote Desktop Gateway - internal versus external users authentication

Posted on 2011-10-24
Last Modified: 2012-06-21
It seems that if I have a farm of Terminal Servers in 2008 R2 and am employing Remote Desktop Gateway for users to log in through/authenticate through that internal users can have a simple RDP icon but remote users need to have  more complicated RDP authentication. Is there some way so that whether a user is internal or external they can have a 'universal' RDP icon that will log them into the farm correctly without additional info/RDP configuration for the remote RDP users?  I can see that if I create a separate farm for remote users with dedicated Terminal Servers this might be gotten around but if I want to have the same set of TS's for both internal and external users access through the Remote Desktop Gateway it seems I will have to do some more complicated RDP icon creation and distribution.
Question by:lineonecorp
    LVL 1

    Accepted Solution

    I would recommend only using RD Gateway for your external Users and not for your internal users, that way the gateway can have a seperat authentication requirements and not take the load of your internal users as well.

    Author Comment

    Thanks for responding. So if I have have external users coming through the Gateway and being automatically directed to whatever server my configuration is set to connect users to e.g. the TS in the farm with the least load, or 'fill up one TS and then go to the next', etc., how do internal users get directed to the same farm and have the same rules applied to them? Or do they get their own farm of TS servers?
    LVL 77

    Assisted Solution

    by:David Johnson, CD, MVP
    internet -> gateway -> server farm ->
                                                              | --  servers
    internal users           -> server farm ->


    Author Comment

    Got it. Thanks.

    Featured Post

    Wish Marketing would stop bothering you?

    Is your marketing department constantly asking for new email signature updates? Are they requesting a different design for every department? Do they need yet another banner added? Don’t let it get you down! There is an easy way to manage all of these requests...

    Join & Write a Comment

    At the beginning of the year, the IT world was taken hostage by the shareholders of LogMeIn. Their free product, which had been free for ten years, all of the sudden became a "pay" product. Now, I am the first person who will say that software maker…
    ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
    This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now