Users can only connect to RD farm website and cannot remote into terminal server , when connected via VPN


  • Hello,

    I have a RD farm using 3 Win 2012 servers (1 broker and 2 session host), for internal use only, have not configured gateway for internet access.

    Users are able to connect to RD farm website and remote into terminal server, within office

    but can only connect to RD farm website and cannot remote into terminal server , when connected via VPN

    Its takes long time at securing connection and fails.


    • Edited by Beadmin Thursday, March 06, 2014 12:51 PM correct
    Thursday, March 06, 2014 9:52 AM


All replies

  • Hi,

    Thank you for your posting in Windows Server Forum.

    First of all I would suggest you to configure RD gateway role on your server and pass all the connection through it because it’s a best practice to use RD Gateway in RDS Farm. 

    Apart from this, if you are not using RD Gateway then you must check that you have successfully forwarded port 3389 for RDS to access via VPN. Also check that you have made configuration under IIS Manager to enable Forms Authentication. Please check this link.

    In addition, please refer beneath article for additional details.

    1. How to Access Windows Remote Desktop Over the Internet
    2. Remote Desktop Services in Windows 2008 R2 – Part 3 – RD Web Access & RemoteApp (For reference)
    Hope it helps! 

    Monday, March 10, 2014 2:13 AM
  • Hello Dharmesh,

    thanks for the reply, I don't really need to make this farm directly accessible over the internet and want to use existing VPN, do I need to still configure need to configure Gateway.

    I have installed this connection broker and 2 session host and they were working fine

    Today I verified the licenses are correctly installed, and also added gateway role (without certificate) and still did not work so removed it.

    also open port "3389" in win firewall for all the 3 profiles for all 3 servers, disable firewall etc
    I dont really see error in win event viewer, any further suggestion.

    I can ping these servers when connected to VPN, also can remote into them directly.but not via the web URL


    • Edited by Beadmin Thursday, March 13, 2014 8:15 AM info add
    Tuesday, March 11, 2014 1:47 PM
  • Hi,

    Thanks you for your comment. 

    You can try to enable Form Authentication under IIS and check the result. Please check below article for information.
    Configure the Remote Desktop Web Access Server to Allow Access from the Internet

    In addition also refer beneath thread. 
    Remote Desktop Services Tutorial #2 (RD Web Access)

    Hope it helps!

    Monday, March 17, 2014 7:00 AM
  • Hi,

    Thanks for posting in Windows Server forum.

    As this thread has been quiet for a while, we will mark it as ‘Answered’ and if there is anything new to update we will let you know by following up this thread.

    BTW,  we’d love to hear your feedback about the solution. By sharing your experience you can help other community members facing similar problems. 

    Thanks for your Support & understanding!

    Friday, March 21, 2014 7:17 AM
  • Hello Dharmesh,

    I still have this issue and looking for a solution.

    Forms Authentication was already set to Enabled by default.

    I had created ticket with MS support but technician assigned really does not know anything,
    and I am stuck for weeks.


    Thursday, April 03, 2014 10:56 AM