Solved

2012 RDS RD gateway TLS disconnects external

Posted on 2014-02-21
4
1,537 Views
Last Modified: 2014-02-27
On windows 2012 with SAN certificate, windows 7 & 8.1 clients.

One server web + gateway + broker in LAN + domain
One server session host in same LAN and domain

Internally everything works fine. Setup everything with the defaults
Externally, the websession connects fine, but when i start a remoteapp it times out.

I don't see any error or event, nothing in NPS/NAP, nothing in the event logs or failed security etc ...

The remote app like "wordpad", start "initializing ..." and then times out with the error  can't connect to the remote computer.

When i do a Wireshark trace on the internal gateway it only shows a SSL handshake & session close when starting a remote app. (see RDS JPG)

I had the same problem when i did a quick install on one box & enabled RDgateway with a SAN certififcate.

Is this a firewall issue? Seems not, the session is closed propperly.
Firewall is a SSG-140 Juniper
rds.JPG
0
Comment
Question by:MobileAccess
  • 2
4 Comments
 
LVL 38

Expert Comment

by:Adam Brown
ID: 39878101
Have you configured the RD Gateway to use the SAN cert? There is some setup required for Gateway to work properly, and if there is no cert or if the cert isn't trusted, it will shut down connection attempts. http://social.technet.microsoft.com/wiki/contents/articles/10974.deploying-and-configuring-rd-gateway-in-windows-server-2012.aspx  has more info. Also if you have RD Web services on the same server as Gateway, it could cause problems if you use defaults, since they both run on the same port.
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 39878343
The SSL session is being closed properly, but that provides no context for the underlying RD tunnel, which may be getting terminated abnormally due to a firewall issue. Don't rule out your firewall just because of that.
0
 

Accepted Solution

by:
MobileAccess earned 0 total points
ID: 39879779
applying this suddenly fixed everthing.

http://support.microsoft.com/kb/2903333

Still no idea why 8.1 client would not cause auth errors but a client on 2008r2 did.

fixing that also fixed the 8.1 client.
0
 

Author Closing Comment

by:MobileAccess
ID: 39891403
RDS was setup correct, firewall was not the cause.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolve DNS query failed errors for Exchange
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
In this Micro Tutorial viewers will learn how they can get their files copied out from their unbootable system without need to use recovery services. As an example non-bootable Windows 2012R2 installation is used which has boot problems.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now