Remote Desktop Services 2012- cert and RD gateway question

My first time setting up RDS and a question on the RD gateway where it is asking for a FQDN. the full domain name for the terminal server is terminalserver.domain.com, is that what I should be putting here or just domain.com?
If it is just domain.com...then my question is that domain.com, is also what is used for our website publicly so should I create a subdomain for access to this?
As for the cert- will just a standard SSL cert with domain.com be fine, or do I need some sort of multi-domain SSL?
350ztnAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David Johnson, CD, MVPOwnerCommented:
you should have www.domain.com at an external source
remote.domain.com or terminalserver.domain.com

probably easier to get a wildcard certificate *.domain.com or for remote.domain.com but in your certificate request you need to add the common names of the servers involved. i.e.
remote.domain.com resides on iis on server1.domain.com so it requires the common name of server1.domain.com, add also the connection broker and final connection machines common names.
0
350ztnAuthor Commented:
If this is just for internal use, do I need to go through this process. I really don't want public access to a terminal server on our network? And can all services required for Remote Desktop run on one server? Broker, Gateway, etc
0
DrDave242Commented:
If it's just for internal use, you don't really need RD Gateway at all, unless there's an internal firewall between the Remote Desktop clients and the session host server(s). The most common use of RD Gateway is to allow external users to connect to internal session host servers by using an SSL-secured connection rather than a straight RDP connection.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

350ztnAuthor Commented:
we use VPNs from our hubs to our main office where the current terminal server (2003 server) exists. On the new system we are migrating to I was wondering If I even needed a RD gateway. currently we just use RDP connection, is that how it is still done with new Remote Desktop?
0
DrDave242Commented:
If the connections are being made through VPNs, they're already secured, and there's no need to open any additional firewall ports. There's no need for the RD Gateway service in that configuration.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
350ztnAuthor Commented:
OK. what about Web access role?
0
350ztnAuthor Commented:
OK- what about the Web Access Role? Do I need that if I'm using the VPN?
0
DrDave242Commented:
RD Web Access is optional. It allows users to access Remote Desktop connections or published RemoteApps through either the Start menu or a browser. In an environment with a large number of published RemoteApps or several different session-host collections, this comes in handy, but in a smaller environment, it's not necessary.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.