+ Post New Thread
Results 1 to 7 of 7
Windows 7 Thread, Remote Desktop Services Setup in Technical; Hi there Im getting a bit confused here, for external/internal dns/certificates, etc you need for RDS We will soon have ...
  1. #1
    pritchardavid's Avatar
    Join Date
    Sep 2009
    Location
    South Ockendon, Thurrock, United Kingdom
    Posts
    932
    Thank Post
    18
    Thanked 64 Times in 58 Posts
    Rep Power
    26

    Remote Desktop Services Setup

    Hi there

    Im getting a bit confused here, for external/internal dns/certificates, etc you need for RDS

    We will soon have it setup this way


    Server Called RemoteMaster

    - Gateway
    - Connection Broker
    - RD Web
    - Licence Server

    Server Called Remote01
    - RD Host
    - Remote Apps

    Server Called Remote02
    - RD Host
    - Remote Apps


    Our wesite address is www.{domain}.com
    Our Active Directory Domain is also theockendonacademy.com

    At the momment all the roles installed on RemoteMaster are installed on Remote01. I have made a new virtual server with these roles on it, just need to know how to configure this right.


    We want RDWeb to connect through remote.{domain}.com
    And the same using the Remote Desktop Connection Client
    And the same for adding Remote Apps & Desktop Connections for the start menu.

    Now am I right here?

    1x External IP address that resloves everything to remote.{domain}.com

    The Broker/RDWeb/Gateway will find the correct resources from a farm I make for example remotehosts.{domain}.com (that DNS name only being internal and only internal IP addresses)

    And has I said above, that means two DNS names, which I gusse thats means two Security Certs.
    Last edited by ZeroHour; 15th November 2012 at 01:45 PM.

  2. #2
    mb2k01's Avatar
    Join Date
    Jan 2007
    Posts
    1,151
    Thank Post
    191
    Thanked 235 Times in 199 Posts
    Rep Power
    94
    Hi. Yep - absolutely correct. I did the exact same job a couple of weeks ago

  3. Thanks to mb2k01 from:

    pritchardavid (4th September 2011)

  4. #3
    pritchardavid's Avatar
    Join Date
    Sep 2009
    Location
    South Ockendon, Thurrock, United Kingdom
    Posts
    932
    Thank Post
    18
    Thanked 64 Times in 58 Posts
    Rep Power
    26
    Many thanks, just what I wanted to here

    Once I get settled with our new domain, will try the Forefront TMG

    Any idea what the difference between TMG & UAG?


    Im I correct that with TMG you can just have one single external IP address and have as many external DNS names as you want

    Doing More with Just One Public IP (Part 1) « UnplugThePBX

    We have quite a few External IP addresses already, im im sure we are not allowed anymore without paying which I doubt the school would do!

    We have a few things that we will be wanting to setup, Lync Server, that requires a few, our new library software that we should be getting, moving the vle to a subdomain, maybe trying out sharepoint, so that would require quite a few IP Addresses!
    Last edited by pritchardavid; 4th September 2011 at 02:37 AM.

  5. #4

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,271
    Thank Post
    884
    Thanked 2,749 Times in 2,322 Posts
    Blog Entries
    11
    Rep Power
    785
    Quote Originally Posted by pritchardavid View Post
    Many thanks, just what I wanted to here

    Once I get settled with our new domain, will try the Forefront TMG

    Any idea what the difference between TMG & UAG?


    Im I correct that with TMG you can just have one single external IP address and have as many external DNS names as you want

    Doing More with Just One Public IP (Part 1) « UnplugThePBX

    We have quite a few External IP addresses already, im im sure we are not allowed anymore without paying which I doubt the school would do!

    We have a few things that we will be wanting to setup, Lync Server, that requires a few, our new library software that we should be getting, moving the vle to a subdomain, maybe trying out sharepoint, so that would require quite a few IP Addresses!
    TMG is very simmilar to ISA 2006 just with more features and more support for stuff like SIP. You can do that multiple subdomain stuff on ISA too as we do thanks to NZ ISPs only allowing one IP per connection.

    I think that TMG Standard allows multiple external IPs fine, if ISA does then TMG will.

    TBH the interface is a little different with the extra features like web and mail filtering (optional subscription based). The BPA (Best Practices Analizer) is even the ISA one.

    The only thing that you need the extra IPs for is for different SSL subdomains as you can only have one SSL cert per IP however if you have a wildcard cert this limitation goes away also.
    Last edited by SYNACK; 4th September 2011 at 02:49 AM.

  6. #5
    pritchardavid's Avatar
    Join Date
    Sep 2009
    Location
    South Ockendon, Thurrock, United Kingdom
    Posts
    932
    Thank Post
    18
    Thanked 64 Times in 58 Posts
    Rep Power
    26
    ok this method has not worked, I have now set it up has above

    website works through remote.{domain}.com......... no remote apps or desktop dont work (cant connect to remotehosts.{domain}.com)

    doesnt work through remote apps in the start ment eithier

    doesnt work through the start menu eithier, it remotes to the master remote computer instead of the farm name (remotehosts.{domain}.com)


    has everything got to be setup under one dns name or something? gateway/farmname etc
    Last edited by ZeroHour; 15th November 2012 at 01:45 PM.

  7. #6
    pritchardavid's Avatar
    Join Date
    Sep 2009
    Location
    South Ockendon, Thurrock, United Kingdom
    Posts
    932
    Thank Post
    18
    Thanked 64 Times in 58 Posts
    Rep Power
    26
    update

    has I have add so much problems with this, I have decided to set it all up this way


    Remote01
    - RDSH (farm called remote.{domain}.com)
    - RD WEB (can get to this typing in remote.{domain}.com)
    - GATEWAY
    - BROKER

    Remote02
    - RDSH (farm called remote.{domain}.com)
    - RD WEB (can get to this typing in remote.theockendonacademy.com)
    - GATEWAY


    So the only difference between these two servers in that one has the broker role installed and the other doesnt.

    I believe I have setup this all correctly, even got proper SSL certs installed


    However we have a weird problem externally

    Sometimes when we launch a remote app that will work fine, but then the remote desktop connection to the server doesn't work (same effect when using the remote desktop tool under start menu)

    and again the other way round (remote desktop connection to the server works but the remoteapps doesn't work)


    As this is externally (over the internet) the only difference is that it will use the gateway server.
    As both servers have the gateway role installed it should work fine using remote.theockendonacademy.com address (have set this setting under the broker and remoteapps, instead of it automatically detecting it)

    Any ideas, really need to get this working asap
    Last edited by ZeroHour; 15th November 2012 at 01:45 PM.

  8. #7
    mb2k01's Avatar
    Join Date
    Jan 2007
    Posts
    1,151
    Thank Post
    191
    Thanked 235 Times in 199 Posts
    Rep Power
    94
    Your update differs from your original plan doesn't it? On that you had three servers comprised of two rds and one gateway?
    What was your reason for trying to make both rds servers have the gateway role?

    The set up I have is as above in your original plan. Only the gateway server is accessible from the net, which is the point of the product - it negotiates contact with other accessible machines without having to have them all published to the net.

    Ignoring all of that for a minute, if you have rds gateway up and working, can you connect internally?
    If you are using the RDP client itself don't forget that you will have to connect to the farm name, then have the appropriate gateway settings listed in options > advanced > connect from anywhere. For me, this looks like:

    Conenct to: rdsfarm.school.internal
    Connect from anywhere gateway settings: remote.school.com, use NTLM and bypass for local addresses



SHARE:
+ Post New Thread

Similar Threads

  1. Remote Desktop Services
    By pritchardavid in forum Licensing Questions
    Replies: 5
    Last Post: 12th October 2010, 06:20 PM
  2. Now BECTA has gone, do we NEED to have a VLE? Remote Desktop Services instead?
    By Ben_Stanton in forum Virtual Learning Platforms
    Replies: 11
    Last Post: 11th June 2010, 02:35 PM
  3. Remote Desktop Services - SSO Problems
    By ginge in forum Thin Client and Virtual Machines
    Replies: 0
    Last Post: 27th May 2010, 10:44 AM
  4. Remote Desktop Services - Mandatory Profiles
    By mmoseley in forum Windows Server 2008 R2
    Replies: 4
    Last Post: 15th March 2010, 09:31 AM
  5. [Windows Software] Server 2008 R2 Remote Desktop Services
    By HMCTech in forum Licensing Questions
    Replies: 1
    Last Post: 4th November 2009, 11:49 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •