Solved

2012 RDS RD gateway TLS disconnects external

Posted on 2014-02-21
4
1,562 Views
Last Modified: 2014-02-27
On windows 2012 with SAN certificate, windows 7 & 8.1 clients.

One server web + gateway + broker in LAN + domain
One server session host in same LAN and domain

Internally everything works fine. Setup everything with the defaults
Externally, the websession connects fine, but when i start a remoteapp it times out.

I don't see any error or event, nothing in NPS/NAP, nothing in the event logs or failed security etc ...

The remote app like "wordpad", start "initializing ..." and then times out with the error  can't connect to the remote computer.

When i do a Wireshark trace on the internal gateway it only shows a SSL handshake & session close when starting a remote app. (see RDS JPG)

I had the same problem when i did a quick install on one box & enabled RDgateway with a SAN certififcate.

Is this a firewall issue? Seems not, the session is closed propperly.
Firewall is a SSG-140 Juniper
rds.JPG
0
Comment
Question by:MobileAccess
  • 2
4 Comments
 
LVL 39

Expert Comment

by:Adam Brown
ID: 39878101
Have you configured the RD Gateway to use the SAN cert? There is some setup required for Gateway to work properly, and if there is no cert or if the cert isn't trusted, it will shut down connection attempts. http://social.technet.microsoft.com/wiki/contents/articles/10974.deploying-and-configuring-rd-gateway-in-windows-server-2012.aspx  has more info. Also if you have RD Web services on the same server as Gateway, it could cause problems if you use defaults, since they both run on the same port.
0
 
LVL 57

Expert Comment

by:Cliff Galiher
ID: 39878343
The SSL session is being closed properly, but that provides no context for the underlying RD tunnel, which may be getting terminated abnormally due to a firewall issue. Don't rule out your firewall just because of that.
0
 

Accepted Solution

by:
MobileAccess earned 0 total points
ID: 39879779
applying this suddenly fixed everthing.

http://support.microsoft.com/kb/2903333

Still no idea why 8.1 client would not cause auth errors but a client on 2008r2 did.

fixing that also fixed the 8.1 client.
0
 

Author Closing Comment

by:MobileAccess
ID: 39891403
RDS was setup correct, firewall was not the cause.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I don't know if many of you have made the great mistake of using the Cisco Thin Client model with the management software VXC. If you have then you are probably more then familiar with the incredibly clunky interface, the numerous work arounds, and …
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
In this Micro Tutorial viewers will learn how to restore single file or folder from Bare Metal backup image of their system. Tutorial shows how to restore files and folders from system backup. Often it is not needed to restore entire system when onl…
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question