I have a working environment: SBS 2011 that acts as a gateway and Win 2008 that acts as a web access and RemoteApp publishing machine. But I wanted to implement the newest server, so I deployed a Win 2012 R2 machine in parallel.
The old infrastructure is available through remote.domain.com/rdweb
The new machine should be available through domain.com/rdweb
So I installed that machine in the DMZ with two NICs. On that machine I ran the Remote Desktop Services installation (with default published apps) and just added RD Gateway.
RD Gateway settings are "Use these": the domain.com certificate is public (UCC with 10 SANs).
Under Certificates I added this cert for Connection Broker and Web Access, but RD Gateway is greyed out. I am not able to edit it there, so I added the certificate through RD Gateway Manager. The certificate is also added in IIS, which acts as a proxy.
CAP and RAP policies are configured locally on the NPS server.
Since I have my website at domain.com, I had to install IIS ARR to act as a proxy. domain.com/RDWeb is routed to the appropriate server and domain.com is routed to the web server. It seems to be working: I can open the login page and log in there, but when I start a RemoteApp (which works within the LAN – bypass Gateway is selected) I receive the error "Your computer can't connect to the remote computer because the RD Gateway server is temporarily unavailable. Try reconnecting later ……"
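A diagnostic check added here, not part of the original post: it reads the RemoteApp .rdp file that RD Web Access hands out and verifies that the gateway hostname embedded in it resolves, answers on TCP 443, and is covered by the certificate actually presented on that port (the UCC SAN list). The file path is a placeholder; run it from the client that gets the error.

```powershell
# Added example, not from the original post. Assumes a RemoteApp .rdp file
# downloaded from the RD Web Access page; the path below is a placeholder.
$rdpFile = 'C:\temp\remoteapp.rdp'

# Parse the "key:type:value" lines of the .rdp file into a hashtable
$rdp = @{}
Get-Content $rdpFile | ForEach-Object {
    if ($_ -match '^([^:]+):[is]:(.*)$') { $rdp[$matches[1]] = $matches[2] }
}
$gateway = $rdp['gatewayhostname']
$usage   = $rdp['gatewayusagemethod']   # 0 = no gateway, 1 = always, 2 = bypass for local addresses
"Gateway host in .rdp : $gateway"
"Gateway usage method : $usage"
"Full address         : $($rdp['full address'])"

# Does the gateway name the client will use resolve and answer on 443?
$tcp = Test-NetConnection -ComputerName $gateway -Port 443
"TCP 443 reachable    : $($tcp.TcpTestSucceeded)"

# Fetch the certificate presented on 443 and check it covers the gateway name.
# Validation is deliberately bypassed in the callback so we can inspect a bad cert too.
$client = New-Object System.Net.Sockets.TcpClient($gateway, 443)
$cb  = [System.Net.Security.RemoteCertificateValidationCallback]{ param($s, $c, $ch, $e) $true }
$ssl = New-Object System.Net.Security.SslStream($client.GetStream(), $false, $cb)
$ssl.AuthenticateAsClient($gateway)
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
$sanExt = $cert.Extensions | Where-Object { $_.Oid.FriendlyName -eq 'Subject Alternative Name' }
$sans = if ($sanExt) { $sanExt.Format($true) } else { '(none)' }
"Cert subject         : $($cert.Subject)"
"Cert SANs            : $sans"
"Cert valid until     : $($cert.NotAfter)"
$covered = ($cert.Subject -like "*CN=$gateway*") -or ($sans -match [regex]::Escape($gateway))
"Name covered by cert : $covered"
$ssl.Dispose(); $client.Dispose()
```

If the name in the .rdp file is not the public name the proxy serves, or the certificate on 443 does not list it, the client reports the gateway as unavailable. Note also that the RD Gateway HTTP transport uses its own verbs (RDG_IN_DATA and RDG_OUT_DATA) on the /remoteDesktopGateway/ path, which a reverse proxy such as ARR must pass through unchanged.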