sglee
asked on
Setting up a Remote Gateway Server on SBS2011 Network
Hi,
I have SBS2011 Network and users connect to their office computers from home PCs using Remote Desktop Connection (where RD Gateway server setting has remote.domain_name.com). In the router, port 443 is forwarded to SBS2011 server IP address (For example, 192.168.1.10).
My question:
If I create domain-joined windows 2019 server on the same network and install RD Gateway role in it and change port 443 forwarding to IP address (192.168.1.11) of new W2019 RD Gateway Server instead of SBS2011 Server, would users be able to connect to their office computers?
Thanks.
I have SBS2011 Network and users connect to their office computers from home PCs using Remote Desktop Connection (where RD Gateway server setting has remote.domain_name.com). In the router, port 443 is forwarded to SBS2011 server IP address (For example, 192.168.1.10).
My question:
If I create domain-joined windows 2019 server on the same network and install RD Gateway role in it and change port 443 forwarding to IP address (192.168.1.11) of new W2019 RD Gateway Server instead of SBS2011 Server, would users be able to connect to their office computers?
Thanks.
ASKER
@Cris
Necessary licenses for WS2019 have been already purchased.
When I perform migration, I typically enable WS2019 RD Gateway function on the same weekend that I detach and demote SBS2011 from the network .
For this particular network, I wanted to know if I do the migration in two separate steps:
That is:
(1) Start using WS2019 RD Gateway server to connect home users to their office computers while letting users access files & folders from SBS Server and make sure this works first.
(2) A few months later, transfer files and folders from SBS2011 to another WS2019 Server, demote SBS2011 & remove it from the network completely.
Necessary licenses for WS2019 have been already purchased.
When I perform migration, I typically enable WS2019 RD Gateway function on the same weekend that I detach and demote SBS2011 from the network .
For this particular network, I wanted to know if I do the migration in two separate steps:
That is:
(1) Start using WS2019 RD Gateway server to connect home users to their office computers while letting users access files & folders from SBS Server and make sure this works first.
(2) A few months later, transfer files and folders from SBS2011 to another WS2019 Server, demote SBS2011 & remove it from the network completely.
I see no reason why this should be an issue. And it sounds like you're very familiar with setting up the RD Gateway on 2019. I would just make sure it's not running on SBS....good luck. Just disable...don't remove (yet)
ASKER
"I would just make sure it's not running on SBS....good luck. Just disable...don't remove (yet) "--> That is the reason why I posted my question.
How do I disable RD Gateway function/role from SBS2011? Is this a MUST?
If I am forwarding port 443 to the new WS2019 RD Gateway Server without disabling RD Gateway function from SBS2011, what can go wrong?
How do I disable RD Gateway function/role from SBS2011? Is this a MUST?
If I am forwarding port 443 to the new WS2019 RD Gateway Server without disabling RD Gateway function from SBS2011, what can go wrong?
It's still early for me...was thinking Service, instead of Role
In theory...nothing should go wrong....I just don't like to have things "running" on two different boxes at the same time to avoid confusion. But because RD Gateway is so tightly integrated into SBS 2011...would not recommend removing until you decommission....just in case
In theory...nothing should go wrong....I just don't like to have things "running" on two different boxes at the same time to avoid confusion. But because RD Gateway is so tightly integrated into SBS 2011...would not recommend removing until you decommission....just in case
ASKER
"In theory...nothing should go wrong " --> if WS2019 RD Gateway Server does not work for some reasons, I will quickly point port 443 forwarding back to SBS2011. No harm done, I think.My concern is this:
- Currently with SBS2011 system, SBS2011 self-generated server certificate (in SBS console) is based on remote.domain_name.com and this certificate is installed on user's home computers.
- When I set up WS2019 as RD Gateway Server, I also use remote.domain_name.com. to obtain "CertifytheWeb" generated server certificate. This has been working fine for every SBS2011 to WS2019 Migration because I demote/detach SBS2011 from the network. But this time, for this particular network, I am creating a new WS2019 RD Gateway in additional to existing SBS2011.
- So if & when I need to switch back port forwarding to SBS2011, would I run into any issues?
I don't expect an issue...both servers have valid certs for the external name. The trusted 3rd party cert would be better on the SBS box as well than the self generated cert...but as long as external DNS resolves and port is forwarded...I think you're solid
ASKER
@Cris
I will try it this weekend and report back.
I will try it this weekend and report back.
ASKER
@Cris Hanna
I set up WS2019 RD Gateway server with CertifytheWeb and was able to connect to my office computer from home computer using remote desktop. Connection was made faster thru new Gateway server than SBS2011.
So I know now that WS2019 RD Gateway server can co-exist with SBS2011 as you predicted. Thank you!
I have one more question.
For WS2019 RD Gateway server to work, I had to set up two ports - 443 and 80 - forwarded to IP address of RD Gateway server in my internet router.
The problem was because I have an internal web server on the same network and I am already forwarding port 80 to web server. For RD Gateway testing I had to change port 80 forwarding from IIS server to RD gateway server. Once fully tested, I had to switch port 80 forwarding back to web server.
So the question is:
Is it ok to use RD Gateway server as web server at the same time?
If it is not possible, then I have to either move web server out of the network and host it somewhere else or change the port 80 to something like 88 on my web server because I need port 80 (along with 443) for my new RD Gateway server to function.
I set up WS2019 RD Gateway server with CertifytheWeb and was able to connect to my office computer from home computer using remote desktop. Connection was made faster thru new Gateway server than SBS2011.
So I know now that WS2019 RD Gateway server can co-exist with SBS2011 as you predicted. Thank you!
I have one more question.
For WS2019 RD Gateway server to work, I had to set up two ports - 443 and 80 - forwarded to IP address of RD Gateway server in my internet router.
The problem was because I have an internal web server on the same network and I am already forwarding port 80 to web server. For RD Gateway testing I had to change port 80 forwarding from IIS server to RD gateway server. Once fully tested, I had to switch port 80 forwarding back to web server.
So the question is:
Is it ok to use RD Gateway server as web server at the same time?
If it is not possible, then I have to either move web server out of the network and host it somewhere else or change the port 80 to something like 88 on my web server because I need port 80 (along with 443) for my new RD Gateway server to function.
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
To add the WS2019 you'll need the server license, Server CALs and RD Cals...
So if you're going to add a WS2019, since SBS 2011 is end of support...you should migrate the entire domain over to supported environment