Shulou(Shulou.com)06/02 Report--

Windows2008R2 remote Desktop Gateway configuration Manual

I. brief introduction

Terminal Services Gateway (TS Gateway) is a terminal service sub-role, which allows authorized remote users to connect to terminal servers and workstations in the enterprise network through Internet. The RDP connection program realizes the communication between the client and the terminal server based on HTTPS. In this way, organizations can easily and securely enable remote users or people who go out to work to access selected servers and workstations without using an × × connection.

2. Some of the main benefits of TS gateway are as follows:

Enables remote users to securely connect to corporate network resources through Internet without the need for complex virtual private network (× ×) connections. Take advantage of the security and availability of the HTTPS protocol to provide terminal services without client configuration. Provides a comprehensive security configuration model that administrators can use to control access to specific resources in the network. Enables users to remotely connect to terminal servers and remote workstations through firewalls and network address translators (NAT). A more secure model is provided that allows users to access only selected servers and workstations instead of accessing the entire enterprise network through × ×.

Terminal Services Gateway provides organizations with a secure and easy way for remote users to access servers and workstations in the network without installing and configuring × × connections. With comprehensive security features, administrators can also control access to specific resources.

Steps to install Windows Server 2008 R2

1. Start the computer using the Windows Server 2008 R2 product CD.

2. When prompted for a computer name, type 2008RDG.

3. Follow the other instructions displayed on the screen to complete the installation.

Next, configure the TCP/IP property so that 2008RDG has an IPv4 static IP address

To configure TCP/IP properti

Log in to 2008RDG using the 2008RDG\ Administrator account.

2. Click start, Control Panel, Network and Internet, Network and sharing Center, change Adapter Settings, right-click Local connection, and then click Properties.

3. Check the basic configuration. As shown in the picture

Install remote Desktop Gateway

To install and configure a remote Desktop Gateway server, you must add a remote Desktop Gateway role service. Windows Server 2008 R2 includes the option to install the remote Desktop Gateway role service through the server manager.

To install the remote Desktop Gateway role service

1. Log in to 2008RDG as 2008RDG\ Administrator.

two。 Open the server manager. To open Server Manager, click start, point to Administrative tools, and then click Server Manager.

3. Under the role Summary heading, click add role.

4. In the add role Wizard, if the before you start page is displayed, click next.

On the Select a server role page, select the remote Desktop Services check box under roles, and then click next.

6. On the remote Desktop Services page, click next.

On the Select role Services page, select the remote Desktop Gateway check box.

8. If you are prompted to specify whether you want to install other role services required by the remote Desktop Gateway, click add required role Services.

9. On the Select role Services page, click next.

On the Select a server authentication certificate for SSL encryption page, select create a self-signed certificate for SSL encryption, and then click next.

On the create authorization policy for remote desktop gateway page, select now, and then click next.

A. on the Select user groups that can be connected through the remote Desktop Gateway page, the default option. Click next.

On the create RD CAP for remote Desktop Gateway page, enter the name of the remote Desktop connection Authorization Policy (RD CAP) RD_CAP_01, select password, and then click next.

C. On the create RD RAP for remote Desktop Gateway page, enter the name RD_RAP_01 of the remote Desktop Resource Authorization Policy (RD RAP), and then select allow users to connect to any computer on the network. Click next.

On the Network Policy and access Services page (which appears if this role service is not already installed), view the summary information, and then click next.

On the Select role Services page, verify that Network Policy Server is selected, and then click next.

On the Web Server (IIS) page (which appears if the role service is not already installed), view the summary information, and then click next.

On the Select role Services page, select FTP Server, and then click next.

16. On the confirm installation selection page, verify that the following role services will be installed:

-remote Desktop Services\ RD Gateway

-Network Policy and access Services\ Network Policy Server

-Web server (IIS)

RPC on HTTP Agent

-FTP server

17. Click install.

18. On the "installation Progress" page, the installation progress will be indicated.

On the installation results page, verify that the installation of these roles, role services, and features has been successful, and then click close.

To export a SSL certificate for a remote Desktop Gateway server and then copy it to a CONTOSO-CLNT computer

1. On the remote Desktop Gateway server, open "role", select "RD Gateway Manager", right-click the "Properties" of the local server, and select "create self-signed Certificate" in "SSL Certificate":

2. Create a self-signed certificate whose name must be the same as the computer name, and you can specify the location where the certificate is stored.

3. In the server farm option, add the server farm, enter the computer name, and then click "add" press the cue point "apply" and other system verification, as shown in the figure.

4. Detect policy attributes, as shown in the figure.

4.1

4.2

4.3

4.4

4.5

Verify remote Desktop Gateway functionality

(1) steps to install a SSL certificate for a remote desktop gateway server on a computer

1. Copy the certificate generated on the remote desktop server to the operating computer and install the certificate

2. Select "local computer" for storage location:

3. Select trusted Certificate Authority to import the certificate.

4. Then click "Import" and you will be prompted after the import is successful, and then you will be sure to complete it.

Configure remote Desktop connection

1. "start" → "run" enter "mstsc" to open a remote desktop connection.

2. Click "display options" and select "Settings" in "Advanced".

3. Enter the server name "2008RDG" in "RD Gateway Server Settings", and then confirm

4. Return to the "General" option to enter the IP that needs to be connected by the remote computer.

5. As shown in the figure, confirm the use of the gateway server.

6. Server credentials in RD Gateway. Enter the user name and password for 2008RDG. And check "remember my credentials".

Enter the user name and password of the remote computer.

8. Remote login is successful and configuration is complete.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.