1

Edited for clarification on why I'm asking this question: Purely for educational purposes. I would normally care less for 2 nodes.

Not entirely sure if this is possible, but I have my desktop (Windows 7) and a Windows 2012 R2 server, and I was researching a bit into a Remote Desktop Gateway, and it sounds like it would somehow let me have 2 RDP servers available externally from the external internet.

If what I interpreted is right, how would I set that up?

(And if I'm wrong, I'll just try to stick with making one of the RDP servers use a different port, and I do know how to do that.)

Thanks for helping me out with that idea!

tommydrum
  • While my question is not a professional question, it was for learning purposes.. Like I said in a comment to one of the answers, I normally could care less for 2 nodes, but it is good experience to know how to set this up. – tommydrum Jul 02 '14 at 21:56

2 Answers

1

I have not tried this, but apparently it is possible, and a kind person has detailed the setup here.

Here are the key steps detailed by sengstar2005:

  1. Install the Remote Desktop Gateway role service via Server Manager. You will need to install the Remote Desktop Services role first.
  2. Once the Remote Desktop Gateway role service is installed, run Remote Desktop Gateway Manager.
  3. Go into the Policies section and create the Connection Authorization Policy. This is where you set up who’s allowed to log into the RD Gateway.
  4. Go into the Policies section and create the Resource Authorization Policy. This is where you set up what resources can be accessed via RD Gateway and by whom.
  5. Right click on the RD Gateway server name and select Properties. A window will come up where you can fine tune the properties. You can use the default settings. However, you need to go into the SSL Certificate tab and install a certificate.
  6. Enable/Forward TCP Port 443 (SSL port) on your firewall to the RDGateway server.

It would seem that you need to create a few aliases on your external DNS so that the gateway knows which machine you want to connect to in the protocol rather than inferred from the IP/Port. This may require some thought if you have users who work remotely and in the office.

GeekyDeaks
  • Please do not create plain links to sites as if the site goes down the information is lost. Please summarise the content (if possible) in your answer. – tombull89 Jul 01 '14 at 08:07
  • Ah sorry. New to this. I'll write up a summary. – GeekyDeaks Jul 01 '14 at 08:08
  • Looks interesting, I'll try it out later today. Thanks! – tommydrum Jul 01 '14 at 17:49
  • I think the paragraph before the steps confuses the overall answer. Also, you don't have to enable 443 to get this working; it just needs port 3389 (RDP). – Rhys Evans Jul 01 '14 at 18:10
  • Fair point. To be honest this is not my domain and I only ended up here whilst helping a colleague with a similar task. I figured I'd pass on the info I found, but it's by no means authoritative due to this. – GeekyDeaks Jul 01 '14 at 18:33
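
The six steps in the answer above, as an added PowerShell example for the 2012 R2 gateway host; it is not part of the original answer or of the linked write-up. The host names, group name and policy names are placeholders (assumptions), and the `RDS:` provider parameters should be confirmed with `Get-Help` on the server before use.

```powershell
# Added example. Every name below is a placeholder (assumption), not a value from the page.
$GatewayFqdn = 'rdgw.example.com'       # external DNS name clients will connect to
$UserGroup   = 'RDGW-Users@EXAMPLE'     # group allowed through the gateway, in group@domain form
$Targets     = 'desktop.example.local', 'server.example.local'   # the two internal RDP hosts

# Step 1: install the RD Gateway role service (pulls in the Remote Desktop Services role).
Install-WindowsFeature -Name RDS-Gateway -IncludeManagementTools

# Step 2 (RD Gateway Manager) is replaced here by the RDS: provider drive from this module.
Import-Module RemoteDesktopServices

# Step 3: Connection Authorization Policy = who may authenticate to the gateway.
New-Item -Path 'RDS:\GatewayServer\CAP' -Name 'Lab-CAP' `
    -UserGroups $UserGroup -AuthMethod 1          # 1 = password authentication

# Step 4: Resource Authorization Policy = which internal hosts those users may reach.
# A gateway-managed group limits the policy to the named hosts instead of "any computer".
New-Item -Path 'RDS:\GatewayServer\GatewayManagedComputerGroups' -Name 'Lab-Hosts' `
    -Description 'Internal RDP hosts' -Computers $Targets[0] -ItemType 'String'
New-Item -Path 'RDS:\GatewayServer\GatewayManagedComputerGroups\Lab-Hosts\Computers' `
    -Name $Targets[1] -ItemType 'String'
New-Item -Path 'RDS:\GatewayServer\RAP' -Name 'Lab-RAP' -UserGroups $UserGroup `
    -ComputerGroupType 0 -ComputerGroup 'Lab-Hosts'   # 0 = gateway-managed group

# Step 5: bind a certificate whose subject matches the external name.
# The certificate must already be imported into the machine's Personal store.
$cert = Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.Subject -like "*CN=$GatewayFqdn*" } |
    Select-Object -First 1
if (-not $cert) { throw "No certificate for $GatewayFqdn found in LocalMachine\My" }
Set-Item -Path 'RDS:\GatewayServer\SSLCertificate\Thumbprint' -Value $cert.Thumbprint
Restart-Service -Name TSGateway                   # RD Gateway service picks up the new binding

# Step 6 is done on the edge firewall/router, not here: forward TCP 443 to this host.
# Review the result before exposing the gateway:
Get-ChildItem 'RDS:\GatewayServer\CAP', 'RDS:\GatewayServer\RAP'
```
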
1

I wouldn't bother, not for the extra cost of running Windows Server for 2 internal machines; larger scale probably would.

Why don't you just NAT / port forward different ports to internal IPs, e.g.

0.0.0.0:3389 -> 192.168.200.54:3389
0.0.0.0:3390 -> 192.168.200.56:3389

That way you can access the machines via "mstsc /v 0.0.0.0" and "mstsc /v 0.0.0.0:3390" externally and at no cost.

Rhys Evans