Solved

2012 RDS RD gateway TLS disconnects external

Posted on 2014-02-21
4
1,512 Views
Last Modified: 2014-02-27
On windows 2012 with SAN certificate, windows 7 & 8.1 clients.

One server web + gateway + broker in LAN + domain
One server session host in same LAN and domain

Internally everything works fine. Setup everything with the defaults
Externally, the websession connects fine, but when i start a remoteapp it times out.

I don't see any error or event, nothing in NPS/NAP, nothing in the event logs or failed security etc ...

The remote app like "wordpad", start "initializing ..." and then times out with the error  can't connect to the remote computer.

When i do a Wireshark trace on the internal gateway it only shows a SSL handshake & session close when starting a remote app. (see RDS JPG)

I had the same problem when i did a quick install on one box & enabled RDgateway with a SAN certififcate.

Is this a firewall issue? Seems not, the session is closed propperly.
Firewall is a SSG-140 Juniper
rds.JPG
0
Comment
Question by:MobileAccess
  • 2
4 Comments
 
LVL 38

Expert Comment

by:Adam Brown
ID: 39878101
Have you configured the RD Gateway to use the SAN cert? There is some setup required for Gateway to work properly, and if there is no cert or if the cert isn't trusted, it will shut down connection attempts. http://social.technet.microsoft.com/wiki/contents/articles/10974.deploying-and-configuring-rd-gateway-in-windows-server-2012.aspx  has more info. Also if you have RD Web services on the same server as Gateway, it could cause problems if you use defaults, since they both run on the same port.
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 39878343
The SSL session is being closed properly, but that provides no context for the underlying RD tunnel, which may be getting terminated abnormally due to a firewall issue. Don't rule out your firewall just because of that.
0
 

Accepted Solution

by:
MobileAccess earned 0 total points
ID: 39879779
applying this suddenly fixed everthing.

http://support.microsoft.com/kb/2903333

Still no idea why 8.1 client would not cause auth errors but a client on 2008r2 did.

fixing that also fixed the 8.1 client.
0
 

Author Closing Comment

by:MobileAccess
ID: 39891403
RDS was setup correct, firewall was not the cause.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

I don't know if many of you have made the great mistake of using the Cisco Thin Client model with the management software VXC. If you have then you are probably more then familiar with the incredibly clunky interface, the numerous work arounds, and …
Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
In this Micro Tutorial viewers will learn how to use Windows Server Backup to create full image of their system. Tutorial shows how to install Windows Server Backup Feature on Windows 2012R2 and how to configure scheduled Bare Metal Recovery backup.…
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now