locked
Using 'Connect from Anywhere' in RDC to connect through UAG's RD Gateway to Session Hosts RRS feed

  • Question

  • Is there any documentation on how to connect through UAG's RD Gateway using the Remote Desktop Client (RDC) 'Connect from anywhere' feature. We have Remote Desktop published on our UAG and it works but it is too cumbersome for our users to sign on to the portal then sign on again to the RDP session. We would like to be able to deploy RDC shortcuts for faster access to their desktops.

    I cannot find anything on the subject and it doesn't work 'Out of the Box' as I tried to connect using the using uag public url for the remote desktop trunk and it fails instantly. I am guessing because of the portal but I have little experience with tradition RD Gateway so I am in need of some pointers.

     

    Thanks in advance.

    Saturday, June 4, 2011 8:44 AM

Answers

  • Hi,

    When UAG published RemoteDesktop Apps and Remote Desktops, a tight integration is created between UAG and RDG running on the same server. This means that RDG expects connecting clients to first connect to the UAG portal, go through the endpoint detection process and then authenticate to UAG. RDG running on the UAG server will check that the connecting clients are connecting within the context of an existing and valid UAG session, and it will also query a UAG component for the status of the endpoint detection of these clients, to determine which mappings should be enabled and which should be not.

     

    Therefore, what you are trying to achieve, to bypass the UAG portal, is not feasible.

     

    Regards,


    -Ran
    • Proposed as answer by Ran [MSFT] Tuesday, August 23, 2011 5:45 AM
    • Marked as answer by Erez Benari Friday, August 26, 2011 10:28 PM
    Monday, August 22, 2011 6:51 AM

All replies

  • Did you end up getting an answer for this / did you get it working?
    Monday, August 22, 2011 5:45 AM
  • Hi,

    When UAG published RemoteDesktop Apps and Remote Desktops, a tight integration is created between UAG and RDG running on the same server. This means that RDG expects connecting clients to first connect to the UAG portal, go through the endpoint detection process and then authenticate to UAG. RDG running on the UAG server will check that the connecting clients are connecting within the context of an existing and valid UAG session, and it will also query a UAG component for the status of the endpoint detection of these clients, to determine which mappings should be enabled and which should be not.

     

    Therefore, what you are trying to achieve, to bypass the UAG portal, is not feasible.

     

    Regards,


    -Ran
    • Proposed as answer by Ran [MSFT] Tuesday, August 23, 2011 5:45 AM
    • Marked as answer by Erez Benari Friday, August 26, 2011 10:28 PM
    Monday, August 22, 2011 6:51 AM
  • Hi Box,

    what Ran told is 100% valid for the build-in UAG scenarios (those which are supported by Microsoft).

    If you cant life with the way UAG configures the RDG for you, then fell free to publish a internal RD-Web / RDG server using UAG (with "bypass trunk authentication" enabled) or even side-by-side using Forefront TMG. Your dedicated RD-Web / RDG services would be "just another web application" in terms of UAG/TMG publishing. But be aware that you will most likely lose the additional RD benefits of UAG (e.g. Endpoint Inspection, Redirection Policies).

    -Kai

     

    Monday, August 22, 2011 5:15 PM
  • Thanks for your answers.

    I had trouble trying to identify if this functionality (connect from anywhere) worked through UAG. Now I have the answer :o)

    Tuesday, August 23, 2011 12:46 AM