Solved

2012 RDS RD gateway TLS disconnects external

Posted on 2014-02-21
4
1,658 Views
Last Modified: 2014-02-27
On windows 2012 with SAN certificate, windows 7 & 8.1 clients.

One server web + gateway + broker in LAN + domain
One server session host in same LAN and domain

Internally everything works fine. Setup everything with the defaults
Externally, the websession connects fine, but when i start a remoteapp it times out.

I don't see any error or event, nothing in NPS/NAP, nothing in the event logs or failed security etc ...

The remote app like "wordpad", start "initializing ..." and then times out with the error  can't connect to the remote computer.

When i do a Wireshark trace on the internal gateway it only shows a SSL handshake & session close when starting a remote app. (see RDS JPG)

I had the same problem when i did a quick install on one box & enabled RDgateway with a SAN certififcate.

Is this a firewall issue? Seems not, the session is closed propperly.
Firewall is a SSG-140 Juniper
rds.JPG
0
Comment
Question by:MobileAccess
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 41

Expert Comment

by:Adam Brown
ID: 39878101
Have you configured the RD Gateway to use the SAN cert? There is some setup required for Gateway to work properly, and if there is no cert or if the cert isn't trusted, it will shut down connection attempts. http://social.technet.microsoft.com/wiki/contents/articles/10974.deploying-and-configuring-rd-gateway-in-windows-server-2012.aspx  has more info. Also if you have RD Web services on the same server as Gateway, it could cause problems if you use defaults, since they both run on the same port.
0
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 39878343
The SSL session is being closed properly, but that provides no context for the underlying RD tunnel, which may be getting terminated abnormally due to a firewall issue. Don't rule out your firewall just because of that.
0
 

Accepted Solution

by:
MobileAccess earned 0 total points
ID: 39879779
applying this suddenly fixed everthing.

http://support.microsoft.com/kb/2903333

Still no idea why 8.1 client would not cause auth errors but a client on 2008r2 did.

fixing that also fixed the 8.1 client.
0
 

Author Closing Comment

by:MobileAccess
ID: 39891403
RDS was setup correct, firewall was not the cause.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question