I'm having issues configuring my Windows 2012R2 RDS roles. I've installed and configured the roles in their default session-based capacity. Access from LAN stations is fine. However, configuring access for remote users is a bit of a pig.
It's a single server (domain member) that has RD Web Access, RD Gateway, RD Licensing, RD Connection Broker and I have added the RD Host server and created a collection.
This site has only one public static IP address and Exchange is using port 443 so I changed the transport settings in the RD Gateway to use port 444. I have also installed an SSL cert from GoDaddy.
When I visited the rdweb site from an external location, I could log on fine (as admin) and browse around. There are 3 apps published by default (calc, paint and wordpad) but when I click on any of these, I get a message stating that the server could not be found. So I googled around and made the following changes:
- in IIS, changed the DefaultTSGateway to point to the external FQDN
- in the RD Gateway settings, added the internal and external FQDN of the RDS server into the server farm (I had to create a split dns entry internally for this)
- used Windows PowerShell to run Set-RDSessionCollectionConfiguration -CollectionName "YourCollectionName" -CustomRdpProperty "gatewayhostname:s:rdg.yourdomain.com:444"
Once these steps were completed, I could log on to an RDP session. I had to configure the RDC to use the RD Gateway server settings with the new port 444.
So I re-published the calculator app and this time when I click on it, it brings me through logging on but then fails stating that the name on the certs does not match. I click to view the certificate and am presented with the Exchange certificate details!!
It would appear that, at some level, it is communicating on port 443 even though I have changed the transport to use port 444.
Because I have had to make so many little changes that seem to me to be fixes, the whole thing feels dirty.
Any experts with any advice would be appreciated.
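
A diagnostic for the symptom described above, added here as an example and not part of the original post: it shows which certificate the external name presents on ports 443 and 444, then lists the gateway properties the deployment currently publishes. The host and collection names are the post's placeholders, Get-TlsCertificate is a hypothetical helper name, and TLS 1.2 support on both endpoints is an assumption.

```powershell
# Added example. Replace the placeholder names taken from the post.
$GatewayFqdn    = 'rdg.yourdomain.com'
$Ports          = 443, 444
$CollectionName = 'YourCollectionName'

function Get-TlsCertificate {
    param([string]$HostName, [int]$Port)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $client.Connect($HostName, $Port)
        # Accept any certificate: the handshake is only used to read it.
        $accept = [System.Net.Security.RemoteCertificateValidationCallback]{ $true }
        $ssl = New-Object System.Net.Security.SslStream($client.GetStream(), $false, $accept)
        try {
            # Assumption: the endpoint accepts TLS 1.2. $HostName is sent as SNI.
            $tls12 = [System.Security.Authentication.SslProtocols]::Tls12
            $ssl.AuthenticateAsClient($HostName, $null, $tls12, $false)
            New-Object System.Security.Cryptography.X509Certificates.X509Certificate2(
                $ssl.RemoteCertificate)
        } finally { $ssl.Dispose() }
    } finally { $client.Close() }
}

# 1. Which certificate answers on each port for the external name?
foreach ($port in $Ports) {
    try {
        $cert = Get-TlsCertificate -HostName $GatewayFqdn -Port $port
        # OID 2.5.29.17 is the Subject Alternative Name extension.
        $san = ($cert.Extensions |
                Where-Object { $_.Oid.Value -eq '2.5.29.17' } |
                ForEach-Object { $_.Format($false) }) -join '; '
        [pscustomobject]@{
            Port = $port; Subject = $cert.Subject; SAN = $san
            Thumbprint = $cert.Thumbprint; NotAfter = $cert.NotAfter
        }
    } catch {
        [pscustomobject]@{
            Port = $port; Subject = "handshake failed: $($_.Exception.Message)"
            SAN = $null; Thumbprint = $null; NotAfter = $null
        }
    }
}

# 2. On the Connection Broker: what gateway settings are actually published?
Import-Module RemoteDesktop
Get-RDSessionCollectionConfiguration -CollectionName $CollectionName |
    Select-Object CollectionName, CustomRdpProperty
Get-RDDeploymentGatewayConfiguration
```

Run part 1 from an external machine and part 2 on the RDS server; comparing each port's Subject and SAN with the name in the published gatewayhostname property shows which listener the client is reaching.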