Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 409
  • Last Modified:

Simple Remote Desktop Services Installation

Hi Experts,

I need to setup a simple remote desktop services system.  There is one piece of hardware that the RDS software will reside.  The OS is Windows 2008 R2 Standard Edition.

Basically I have one application that I need to make available via "Web Access".   Users will not be using the "Remote Desktop Connection" or running any virtual desktops.  One published app via web access only.

From what I can tell the only "roles" I need are the "Session Host" and "Desktop Web Access".  I should be able to use a public IP pointed to the internal site for use outside our firewall.

I did get the Gateway working but that just connects me to a terminal session.   Again, users will not be using terminal sessions - only a published app (via web access).  Can I remove the gateway - is it needed for my requirements?

I do have the application published and it works (inside the firewall) - am I on the right track?

Thanks!  Ed
0
iteched1
Asked:
iteched1
  • 3
  • 2
1 Solution
 
kevinhsiehCommented:
You need the RD Gateway for external clients to be able to access the RD Session host over TCP 443. If you do not use RD Gateway, you need to open up the RD Session host to the Internet on TCP 3389, which is considered a security risk, especially given the current RDS exploit that Microsoft just patched in March.

I know that you only need RemoteApp access, but I don't believe that you can prevent someone from connecting to a full desktop on the session host if they manually connect.
0
 
iteched1Author Commented:
This is what I've done so far:

Installed Remote Desktop Session Host Role.
Installed Remote Desktop Licensing Role.

This was all the Microsoft roles needed so far...

Installed "2X" Client Gateway, Publishing Agent, and Terminal Server Agent.

Configured the server's firewall for "2X".
Configured the border firewall for outside accesss.

Published the app in "2X".

So far this is doing exactly what I want.  I may expand and add features later but this configuration is sufficient for my needs.

Notes:

1.  I removed the Remote Desktop Gateway and iiS.  They are not needed in this configuration.
2.  "2X" was implemented to allow access to the application from ipads, iphones, androids, and other client platforms.
0
 
kevinhsiehCommented:
Sounds good.
0
 
iteched1Author Commented:
I've requested that this question be closed as follows:

Accepted answer: 0 points for iteched1's comment #37776974

for the following reason:

I figured out what I needed after posting the question.
0
 
iteched1Author Commented:
Hi,

Please set this to multiple solutions with 300 to me (as I figured it out myself) and 200 for Kevin for taking the time to help me out.

As a side  comment I'm not sure I like the new face of experts exchange...I find it more clumsy to navigate.

Thanks!

Ed
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now