MobileAccess
2012 RDS RD gateway TLS disconnects external
On Windows 2012 with SAN certificate, Windows 7 & 8.1 clients.
One server web + gateway + broker in LAN + domain
One server session host in same LAN and domain
Internally everything works fine. Set up everything with the defaults.
Externally, the web session connects fine, but when I start a remote app it times out.
I don't see any error or event, nothing in NPS/NAP, nothing in the event logs or failed security etc ...
The remote app, like "wordpad", starts "initializing ..." and then times out with the error can't connect to the remote computer.
When I do a Wireshark trace on the internal gateway it only shows an SSL handshake & session close when starting a remote app. (see RDS JPG)
I had the same problem when I did a quick install on one box & enabled RD Gateway with a SAN certificate.
Is this a firewall issue? Seems not, the session is closed properly.
Firewall is a SSG-140 Juniper
rds.JPG
Have you configured the RD Gateway to use the SAN cert? There is some setup required for Gateway to work properly, and if there is no cert or if the cert isn't trusted, it will shut down connection attempts. http://social.technet.microsoft.com/wiki/contents/articles/10974.deploying-and-configuring-rd-gateway-in-windows-server-2012.aspx has more info. Also if you have RD Web services on the same server as Gateway, it could cause problems if you use defaults, since they both run on the same port.
The SSL session is being closed properly, but that provides no context for the underlying RD tunnel, which may be getting terminated abnormally due to a firewall issue. Don't rule out your firewall just because of that.
ASKER
RDS was set up correctly, firewall was not the cause.