- Windows Server
- 24 May 2019 at 18:02 UTC
-
- 1/4
When you want to provide secure remote access to your RDS infrastructure, you will need to implement the RD gateway.
However, it will also prevent this gateway is a single point of failure, because if it fails, remote access to your RDS infrastructure will no longer be possible.
To prevent this from happening, you will need to use at least 2 RD gateways in your RDS infrastructure.
- Configuration used
- Installing RD Gateways
- Installing NLB (Network Load Balancing)
- Create authorization policies
- Configure the gateways farm
- Distribute network load with NLB
- Certificate import on your RD Gateways
- Add your gateway servers in the server manager
- Add your gateway servers to your RDS deployment
- SSL certificate import for RDS gateways (RDS deployment)
- RD gateways test
1. Configuration used
In this tutorial, we will use :
- an Active Directory server that also act as a certificate authority
- a RDS server with the main RDS services as explained in this tutorial : RDS - Deploy a RDS infrastructure (session-based desktops)
- 2 servers running Windows Server 2012 where we will install RD gateways
- a client PC running Windows 8 Pro
Note : all these servers and these clients are obviously linked to our Active Directory
2. Installing RD Gateways
To get started, start the Add Roles and Features wizard on your future RD gateways servers.
Select the "Remote Desktop Services" role.
Select the "Remote Desktop Gateway" role service.
Click Install.
When the installation is complete on both servers, click Close.
3. Installing NLB (Network Load Balancing)
To manage network load balancing and also perform fault tolerance, install the "Network Load Balancing" (NLB) feature on your 2 RDS gateway servers.
Click Install.
The installation is complete.
4. Create authorization policies
To configure the connection authorization and resource access policies on your RD gateway servers, refer to our tutorial : RDS - Deploy the RD gateway to provide secure access from the outside.
Important : these policies must be identical on both RD gateway servers, otherwise your users may encounter errors depending on the server through which their connection will pass.
5. Configure the gateways farm
In order for the high availability of your RD gateway servers to be possible, you must tell these 2 gateway servers that they are part of the same server farm.
For this, on your 2 RD gateway servers, right-click "Properties" on their name.
Then, in the "Farms" tab, add the domain names of your gateway servers one by one by clicking "Add" each time.
For the moment, their status is : Not registered.
Click Apply.
Once you apply these settings, their status will change to OK.
If this isn't the case, don't panic.
Enter the same thing on the 2nd gateway server and click Apply.
Once the parameters have been applied on the 2 servers, click if necessary on "Refresh Status" and the state of your servers will be : OK.
Share this tutorial
To see also
-
Windows Server 6/7/2019
WS 2012 / 2012 R2 - RDS - Set up HA on your RDS infrastructure
-
Windows Server 3/8/2019
WS 2012 / 2012 R2 / 2016 - RDS - Access RemoteApp via a modern application
-
Windows Server 4/28/2019
WS 2012 / 2012 R2 / 2016 - RDS - Attempt to unblock the session as a user
-
Windows Server 3/16/2019
WS 2012 / 2012 R2 / 2016 - RDS - Change the properties of RemoteApps
You must be logged in to post a comment