+ Post New Thread
Results 1 to 11 of 11
Internet Related/Filtering/Firewall Thread, Problem with TMG, RDWeb and SSL in Technical; Running into an odd problem with getting RemoteApps working externally.. I have an external SSL from GoDaddy which is working ...
  1. #1

    Gatt's Avatar
    Join Date
    Jan 2006
    Posts
    6,698
    Thank Post
    863
    Thanked 662 Times in 435 Posts
    Rep Power
    501

    Problem with TMG, RDWeb and SSL

    Running into an odd problem with getting RemoteApps working externally..

    I have an external SSL from GoDaddy which is working fine, and the RDS server also has an internal SSL created via AD's CA

    I have successfully published RDWeb via TMG2010 with SSL (GoDaddy) and can login and see all the published RemoteApps, but when I click on an app and enter my login details, it says that the certificate is from an uncertified source.

    The SSL in question is from the TMG Server which is not assigned to anything!

    If I continue the app throws an error sayings its not in the list of authorised programs

    Internally, everything works fine..

    I have no idea why it is using this TMG SSl and not the External or RDS SSL...

  2. #2

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,070
    Thank Post
    160
    Thanked 926 Times in 728 Posts
    Blog Entries
    3
    Rep Power
    273
    Quote Originally Posted by Gatt View Post
    Running into an odd problem with getting RemoteApps working externally..

    I have an external SSL from GoDaddy which is working fine, and the RDS server also has an internal SSL created via AD's CA

    I have successfully published RDWeb via TMG2010 with SSL (GoDaddy) and can login and see all the published RemoteApps, but when I click on an app and enter my login details, it says that the certificate is from an uncertified source.

    The SSL in question is from the TMG Server which is not assigned to anything!

    If I continue the app throws an error sayings its not in the list of authorised programs

    Internally, everything works fine..

    I have no idea why it is using this TMG SSl and not the External or RDS SSL...
    Ok,

    When you create the secure published rule in TMG you have to provide an SSL Certificate don't you? Is that the one it is bringing forward when you try it externally? If so is this one different to the one you have got for the RDS Server?

    James.

  3. #3

    Join Date
    Mar 2007
    Posts
    1,800
    Thank Post
    85
    Thanked 296 Times in 227 Posts
    Rep Power
    87
    are you using w7?. rd web has issues with external certs in w7 without service pack. xp and w7sp1 will both be fine. ironically a selfsigned cert would be fine.

  4. #4

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,070
    Thank Post
    160
    Thanked 926 Times in 728 Posts
    Blog Entries
    3
    Rep Power
    273
    Quote Originally Posted by strawberry View Post
    are you using w7?. rd web has issues with external certs in w7 without service pack. xp and w7sp1 will both be fine. ironically a selfsigned cert would be fine.
    Weird, I have many people running Windows 7 without the Service Pack and have not had any issues being brought up. What kind of problems you expirienced?

    My machine at home don't have SP1 as well just aint got round to do it, and i connect to about 5 different RDS Configurations. (it shouldn't really give you a problem, aslong as the RD Client is to the latest version or/ you have enabled your RDS Server to accept connections from the older RD Client).

    J

  5. #5

    Gatt's Avatar
    Join Date
    Jan 2006
    Posts
    6,698
    Thank Post
    863
    Thanked 662 Times in 435 Posts
    Rep Power
    501
    Think I've narrowed it down
    Its something to do with the RDS services on the TMG server..
    Or a lack of them.. Waiting on it rebooting

    SSL Sorted now but keep getting the following error

    "Windows cannot start the RemoteApp program.

    The following RemoteApp program is not in the list of authorized programs:
    Calc

    For assistance, contact your system administrator"

  6. #6

    Join Date
    Mar 2007
    Posts
    1,800
    Thank Post
    85
    Thanked 296 Times in 227 Posts
    Rep Power
    87
    Quote Originally Posted by EduTech View Post
    My machine at home don't have SP1 as well just aint got round to do it, and i connect to about 5 different RDS Configurations. (it shouldn't really give you a problem, aslong as the RD Client is to the latest version or/ you have enabled your RDS Server to accept connections from the older RD Client).

    J
    Stuff about the online check failing , its documented here, not sure what the differencing factor is, suspect its my cheapo cert but it works fine in xp and 7 with sp1. Certificate revocation check from external network.

  7. #7

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,070
    Thank Post
    160
    Thanked 926 Times in 728 Posts
    Blog Entries
    3
    Rep Power
    273
    Quote Originally Posted by strawberry View Post
    Stuff about the online check failing , its documented here, not sure what the differencing factor is, suspect its my cheapo cert but it works fine in xp and 7 with sp1. Certificate revocation check from external network.
    Oh right, could possibly be i guess as the certs i use are all from RapidSSL.

    @ GATT

    This error may be caused by missing Host Records of the TS servers on the local DNS, To fix this issue, please add the Host Records of the Terminal Servers into the local DNS and test it again.

  8. #8

    Gatt's Avatar
    Join Date
    Jan 2006
    Posts
    6,698
    Thank Post
    863
    Thanked 662 Times in 435 Posts
    Rep Power
    501
    yeah came across that, its already in it.. will double check tho...

  9. #9

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,070
    Thank Post
    160
    Thanked 926 Times in 728 Posts
    Blog Entries
    3
    Rep Power
    273
    Quote Originally Posted by Gatt View Post
    yeah came across that, its already in it.. will double check tho...
    Yeah I have had it happen before for someone, and looking on the web it appears to have cropped up a few times. I am just logging into one of my RDS Servers see if i can grab some settings for you to look at see if they match up. RDS either goes through swimmingly! or a problem crops up and it does your head in! lmao

    Have you Digitally Signed the .rdp Files?
    Attached Images Attached Images
    Last edited by EduTech; 26th November 2010 at 10:01 PM.

  10. #10

    Gatt's Avatar
    Join Date
    Jan 2006
    Posts
    6,698
    Thank Post
    863
    Thanked 662 Times in 435 Posts
    Rep Power
    501
    Ok I'm getting a little confused as to what to put where:

    The TMG rule appears sound.

    DO I ned to configure RDS, etc on the TMG server - if so what with?

    What do I configure on the RDS Server that will be hosting the apps?

    User > Web > TMG -> RDS should be the path

    Internally its all fine
    Externally the SSLs are now sorted and working

    What do I configure for the RD Session Host, the RD Gateway on both the TMG and the RDS servers?

  11. #11

    Gatt's Avatar
    Join Date
    Jan 2006
    Posts
    6,698
    Thank Post
    863
    Thanked 662 Times in 435 Posts
    Rep Power
    501
    Ok finally got it working...
    removed almost everything from TMG and put the external IP address in and its working - thought not internally

    Not too bothered as its really gonna be used externally....

SHARE:
+ Post New Thread

Similar Threads

  1. SSL certificate internal/external problem...
    By Vstar in forum Windows Server 2000/2003
    Replies: 4
    Last Post: 20th May 2010, 03:05 PM
  2. RdWeb and File Access
    By chrissmall in forum Windows Server 2008 R2
    Replies: 4
    Last Post: 3rd November 2009, 03:53 PM
  3. SSL & OWA Problem
    By mmoseley in forum Internet Related/Filtering/Firewall
    Replies: 0
    Last Post: 11th August 2009, 10:58 AM
  4. Sonicwall SSL VPN 200 Problem
    By FN-GM in forum Wireless Networks
    Replies: 0
    Last Post: 4th August 2009, 11:22 PM
  5. Exchange 2007 SSL - internal problem
    By burgemaster in forum Windows
    Replies: 3
    Last Post: 8th May 2008, 09:57 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •