none
Remote Desktop Gateway - Works from some locations but not others

    Question

  • Ok, re-trying this question, with more accurate information.

    I have a client with a RemoteApp and RDGateway services facing the public internet.  The conditions are these:

    1)  Able to log in successfully to the initial RD Web Access web page from any external location.  No issues are being reported internally.

    2)  Able to launch published apps successfully only from some external locations.

    3)  Using same user credentials, launching published apps from other locations results in "This computer can't connect to the remote computer because the Terminal Services Gateway server is temporarily unavailable" error.

    4)  From the same locations where launching a published app fails, I am able to make a direct RDP connection to the server running Gateway and RemoteApp services using the native RDP client in Windows.

    5)  There is no common ISP in the mix.

    6)  As far as I can tell, there is no CAP or RAP in effect that would cause only selective clients to connect

    7)  The client is using a DigiCert ssl certificate, not a self-signed cert.

    8)  The RD Broker service is installed and running.

    Can anyone hazard a guess as to why this would be working from some external locations, yet produce the above-noted error at other sites?  I will be happy to provide any additional information that mau be needed ... but I just don't know where to start looking.

    Regards and thank you in advance.

    Chris

    Friday, December 07, 2012 10:13 PM

Answers

  • Hi,

    As a test, when you receive "This computer can't connect to the remote computer because the Terminal Services Gateway server is temporarily unavailable" error,pls try to get to this website: https://your-gateway-URL/rpc to see whether it works.If normal,you will be prompted with logon box.If not,then i suggest you confer with your network admin for the confirmation.

    When this happens, can you please see if the ts Gateway service is actually still running at the time it occurs? Or does the service go down and then restart?
    Also, please check the TS Gateway logs in event viewer (under windows logs). any errors?

    In addition, rule out the firewall as being at all involved.

    Regards,

    Clarence

    TechNet Subscriber Support

    If you are TechNet Subscription user and have any feedback on our support quality, please send your feedbackhere

    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.


    Monday, December 10, 2012 3:26 AM
    Moderator

All replies

  • Hi,

    As a test, when you receive "This computer can't connect to the remote computer because the Terminal Services Gateway server is temporarily unavailable" error,pls try to get to this website: https://your-gateway-URL/rpc to see whether it works.If normal,you will be prompted with logon box.If not,then i suggest you confer with your network admin for the confirmation.

    When this happens, can you please see if the ts Gateway service is actually still running at the time it occurs? Or does the service go down and then restart?
    Also, please check the TS Gateway logs in event viewer (under windows logs). any errors?

    In addition, rule out the firewall as being at all involved.

    Regards,

    Clarence

    TechNet Subscriber Support

    If you are TechNet Subscription user and have any feedback on our support quality, please send your feedbackhere

    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.


    Monday, December 10, 2012 3:26 AM
    Moderator
  • Hello Clarence,

    Thanks for your reply.  To respond to your suggestions:

    1)  From a location that receivess the error message, I am able to go to https://gateway-URL/rpc and I am successfully presented with a login prompt.  Once the login is completed, all I see is a blank page (which I assume is to be expected).

    2)  The Gateway Service does not, at any time, stop and restart.  No entries are created in the TS-Gateway logs when the error is encountered.

    3)  Upon closer examination using the Fiddler Web Debugger (https://fiddler2.com/fiddler2/) I am finding that I receive the following HTTP error at locations where the "Temporarily Unavilable" error is encountered.  The error is as follows, and is recorded in the Fiddler tool after logging in to the Web Access page and during an attempt to launch a published application:

    HTTP/1.1 502 Fiddler - DNS Lookup Failed

    DNS Lookup for "hostname.domainname.org" failed.  No such host is known. (Note:  the actual netbios name of the app server and the actual domain name is included in the error message.  I have excluded the information).

    Looking at general details of the 502 error, this is possibly a proxy or gateway issue.  I am engaging the firewall vendor (Sonicwall) to ensure that the device is configured and working properly.

    I hope this helps.  If you (or anyone else) happens to have any insight into the above error in the meantime I am all ears.

    Thank you and regards,

    Chris

    • Edited by chrisb1 Tuesday, December 11, 2012 12:28 PM
    Tuesday, December 11, 2012 12:25 PM
  • Hello Again Clarenece,

    I have finished a support call with the Firewall vendor (Sonicwall) and they have confirmed that the device is functioning properly.  There are no dropped packets being encountered, and HTTPS traffic is being successfully forwarded from external IP to internal host via the expected NAT rule.

    I now feel that the issue leis within the client's infrastructure.  But again, I'm not sure what it might be as I am not finding any errors on the server side.  The affected clients are still receiving the error:

    HTTP/1.1 502 Fiddler - DNS Lookup Failed

    DNS Lookup for "hostname.domainname.org" failed.  No such host is known. (Note:  the actual netbios name of the app server and the actual domain name is included in the error message.  I have excluded the information)

    when trying to connect.

    Is this something that is going to require an MS Technical Support Incident to get resolved?  I'd rather not, obviously.  But unless anyone has any ideas of what the cause might be ... that might be my only option.

    Thanks and regards,

    Chris

    Wednesday, December 12, 2012 6:56 PM
  • Sorry for the delay.I am trying to involve someone familiar with this topic to further look at this issue. There might be some time delay. Appreciate your patience.
    Thank you for your understanding and support.

    Regards,

    Clarence

    TechNet Subscriber Support

    If you are TechNet Subscription user and have any feedback on our support quality, please send your feedbackhere.


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Monday, December 17, 2012 5:21 AM
    Moderator
  • Hi,

    Please configure the TS Gateway per the steps in the following article. It enables you to configure a TS Gateway server so that a remote user can access an internal network resource over the Internet, through the TS Gateway server.

    http://technet.microsoft.com/en-us/library/cc754252(v=WS.10).aspx


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Wednesday, December 19, 2012 10:28 AM
  • Hi,

    Any updates about this Gateway issue?


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Monday, December 24, 2012 2:30 AM
  • Hi Ruby,

    Sorry.  Thought I had closed this question.  The issue did get resolved.  It was an incorrect URL setting for the gateway.  It was pointing to the internal FQDN of the server rather than the public-facing DNS hostname.

    Thank you for the follow-up.  Apologies for not seeing this sooner.

    Regards,

    Chris

    Wednesday, January 23, 2013 6:49 PM
  • Out of curiosity, where was this setting? It sounds like it would have been the client, since I can't find documentation on how to set the gateway URl...
    Monday, August 25, 2014 5:55 AM