+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 20
Windows Server 2008 R2 Thread, RDWeb, Session Host - external access woes... in Technical; Hello, just trying to set up remote access through RDWeb to a Session Host, but while it works fine internally, ...
  1. #1
    ben604's Avatar
    Join Date
    Jan 2010
    Posts
    314
    Thank Post
    81
    Thanked 29 Times in 24 Posts
    Rep Power
    22

    RDWeb, Session Host - external access woes...

    Hello, just trying to set up remote access through RDWeb to a Session Host, but while it works fine internally, as soon as I try to connect from an external network, I get a "Remote Desktop can't find the computer "sessionhost.blah.local". This might mean that "sessionhost.blah.local" does not belong to the specified network. Verify the computer name and domain that you are trying to connect to."

    Do I need to set up a broker or gateway? Massively confused, as usual....

  2. #2

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,083
    Thank Post
    853
    Thanked 2,678 Times in 2,272 Posts
    Blog Entries
    9
    Rep Power
    769
    It looks like your system is configured to point to an internal address rather than an external one. You need to setup RD gateway and an external subdomain remote.yourschool.school.uk or whatever, get an SSL certificate for that and allow port 443 through the firewall from the external IP that your subdomain points to in to the internal IP of your RD web site server. You should also setup an internal DNS record pointing remote.yourschool.school.uk to the internal IP of the RDweb server so that users inside are not bouncing out to the beb to access it.

  3. Thanks to SYNACK from:

    ben604 (15th April 2011)

  4. #3
    ben604's Avatar
    Join Date
    Jan 2010
    Posts
    314
    Thank Post
    81
    Thanked 29 Times in 24 Posts
    Rep Power
    22
    Quote Originally Posted by SYNACK View Post
    It looks like your system is configured to point to an internal address rather than an external one. You need to setup RD gateway and an external subdomain remote.yourschool.school.uk or whatever, get an SSL certificate for that and allow port 443 through the firewall from the external IP that your subdomain points to in to the internal IP of your RD web site server. You should also setup an internal DNS record pointing remote.yourschool.school.uk to the internal IP of the RDweb server so that users inside are not bouncing out to the beb to access it.
    Thanks for that. We've got a remote subdomain set up which has an SSL cert attached, so the users get to the RDWeb page with no problems and authenticate too, it's at the point when they click on Remote Desktop that we get the error. I'll take a look at setting up an RD Gateway.

  5. #4

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,083
    Thank Post
    853
    Thanked 2,678 Times in 2,272 Posts
    Blog Entries
    9
    Rep Power
    769
    As I remember it there is a setting in the remoteapp bit where you pick the SSL cert and site name that you use for the published packages. If you have it setup with the external SSL etc you should just be able to chanage the publishing cert and address to the external one which should point it the right way and hopefully sort it.

  6. #5

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,047
    Thank Post
    160
    Thanked 913 Times in 716 Posts
    Blog Entries
    3
    Rep Power
    271
    RDS can be a pain sometimes i have uninstalled it and installed it again and it just worked fine :/ can be very random! lol

    Have you specified which server it connect to or/ have you said any device on network...

    I can't remember where now.. (boots RDS box up)

    James.

  7. #6
    ben604's Avatar
    Join Date
    Jan 2010
    Posts
    314
    Thank Post
    81
    Thanked 29 Times in 24 Posts
    Rep Power
    22
    Quote Originally Posted by EduTech View Post
    RDS can be a pain sometimes i have uninstalled it and installed it again and it just worked fine :/ can be very random! lol

    Have you specified which server it connect to or/ have you said any device on network...

    I can't remember where now.. (boots RDS box up)

    James.
    It's pretty frustrating, to be honest!

    When I click on Remote Desktop (the icon, not the tab where you can enter a computer name) it has the session host server specified. It looks as if it can't resolve the DNS name to the server as it's not on the internal network. At a guess, I need to point the RD icon to the RDGateway which will resolve the DNS name of the session host...but it's working out where to put what names and redirects!

  8. #7

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,047
    Thank Post
    160
    Thanked 913 Times in 716 Posts
    Blog Entries
    3
    Rep Power
    271
    Is that the RD Icon on your RemoteWebApps..?

    on your internal DNS do you have an A Record setup for remote.domain.sch.uk pointing to the RDS Server? I generally use the External FQDN everywhere in the settings.. and have a Forward looking up zone for external domain and an A Record for 'remote' set to point to RDS Server..

    Works fine for me,

    James.

  9. #8
    ben604's Avatar
    Join Date
    Jan 2010
    Posts
    314
    Thank Post
    81
    Thanked 29 Times in 24 Posts
    Rep Power
    22
    Ok, sort of getting there...I'm no longer getting the "Remote Desktop can't find the computer "sessionhost.blah.local"...." error as it's pointing to the RDGateway server, however, I'm getting a "Your computer can't connect to the remote computer because the Remote Desktop Gateway server address is unreachable or incorrect. Type a valid RDG server address". Would that point to a certificate problem? I've created one for www.remote.prentonxxx.local and imported it into the client, but that hasn't fixed the problem..?

  10. #9

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,047
    Thank Post
    160
    Thanked 913 Times in 716 Posts
    Blog Entries
    3
    Rep Power
    271
    you should not to have "www" certificate should just be for remote.domain.lea.sch.uk and that should be imported into RDS and Digitally Signed Cert Parts also.

    If the certificate is done properly you should not have to import it to a client.

    James.

  11. #10
    ben604's Avatar
    Join Date
    Jan 2010
    Posts
    314
    Thank Post
    81
    Thanked 29 Times in 24 Posts
    Rep Power
    22
    Hi James, thanks for your pointers here and there, I've got it working. It's a self signed jobbie to start with, just to prove the concept and it's working finally...

    Just for my sanity, what certificates do I need? One for the RDWeb access and one for the Session Host server?

  12. #11


    Join Date
    Oct 2006
    Posts
    3,411
    Thank Post
    184
    Thanked 356 Times in 285 Posts
    Rep Power
    148
    Quote Originally Posted by ben604 View Post
    Hi James, thanks for your pointers here and there, I've got it working. It's a self signed jobbie to start with, just to prove the concept and it's working finally...

    Just for my sanity, what certificates do I need? One for the RDWeb access and one for the Session Host server?
    You only need one for your gateway. The others can be self signed, the users will just get prompted to accept it. They will have internal hostnames which makes life difficult anyway x

  13. #12

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,083
    Thank Post
    853
    Thanked 2,678 Times in 2,272 Posts
    Blog Entries
    9
    Rep Power
    769
    You should only need one, the remote.yourschool.school.uk one which is used for everything to do with it. You should have an internal DNS record for remote.yourschool.school.uk that points to the internal IP so that internally it resolves to that name and the cert works both inside and outside the network.

    Quote Originally Posted by AngryTechnician View Post
    1. In your onsite DNS, create a new Primary zone named mail.domain.org
    2. In this zone, create an A record with a blank name and the IP address that mail.domain.int uses. Once created, it will show as as having a name of (same as parent folder).


    That's it.
    Last edited by SYNACK; 15th April 2011 at 03:21 PM.

  14. #13
    ben604's Avatar
    Join Date
    Jan 2010
    Posts
    314
    Thank Post
    81
    Thanked 29 Times in 24 Posts
    Rep Power
    22
    Sorry to ressurect an old thread, but I had to take a bit of time off from this, so didn't manage to try out those certificate suggestions. Here's where I'm at...

    Staff will log into https://remote.schooldomain.co.uk/rdweb, currently I have a self created certificate securing that site.

    Staff then click on the Remote Desktop icon which redirects them to a server called session.schooldomain.local. Currently, when you click that icon, it displays a warning that the identity of the session host can't be verified, do you want to proceed anyway.

    It gives the certificate name as: session.schooldomain.local which isn't from a trusted authority.

    I've tried a redirection within DNS from remote.schooldomain.co.uk to the IP of the session host, but that had no effect, same thing happens...

    Am I being stupid?!

  15. #14
    gybe78's Avatar
    Join Date
    May 2008
    Location
    Aylesbury
    Posts
    142
    Thank Post
    24
    Thanked 30 Times in 20 Posts
    Rep Power
    18
    Do you have a RD Gateway setup?

  16. #15
    ben604's Avatar
    Join Date
    Jan 2010
    Posts
    314
    Thank Post
    81
    Thanked 29 Times in 24 Posts
    Rep Power
    22
    Quote Originally Posted by gybe78 View Post
    Do you have a RD Gateway setup?
    Yes, the RD Gateway role is on the RDWeb server, whether it's configured correctly is a different matter...

    The self signed certificate, remote.schooldomain.co.uk is installed on on the Gateway.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. [MS Office - 2010] [Access] Reports textbox woes
    By RabbieBurns in forum Office Software
    Replies: 0
    Last Post: 2nd February 2011, 09:40 PM
  2. iSCSI LUNs or Volumes and multiple access from different Hyper-V Host servers
    By mbyrew in forum Thin Client and Virtual Machines
    Replies: 4
    Last Post: 5th June 2010, 01:32 PM
  3. Cannot query External host IP from new DNS Server + DC
    By albertwt in forum Windows Server 2000/2003
    Replies: 3
    Last Post: 9th November 2009, 07:21 AM
  4. RdWeb and File Access
    By chrissmall in forum Windows Server 2008 R2
    Replies: 4
    Last Post: 3rd November 2009, 03:53 PM
  5. Replies: 4
    Last Post: 12th February 2009, 11:00 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •