Remote Desktop HA connection broker and HA Gateway Help!!

  • Question

  • I have 2x Session Hosts, app1 and app2, and on these I have installed Connection Broker, RD Gateway and Session Host. On app1 I have also installed RDWeb. Also a DC: this is domain, SQL and RDS licensing. These are all VMs.

    Connection Broker is in High Availability mode with the SQL Express database on the DC (for testing).

    RD Gateway is in a farm (added from Gateway Manager; both app1 and app2 are in here). Status is OK.

    Session Hosts are in a collection (VPN); these share the load. This works fine.

    DNS-wise I have the collection name VPN going to app1 and app2.

    DNS Connection Broker-wise I have the HA name RDHACB going to app1 and app2.

    When both servers app1 and app2 are up, everything is working nicely.

    Testing failover.

    If I shut down App1 (this is the active deployment) then I cannot connect any users. I get a "gateway is not available" error.

    If I shut down App2 with users connected (this is not the active deployment), any users on this get booted and need to reconnect. Users can again log back in, but they lose their session, so it's like a new login.

    I have my router forwarding to app1, and I'm thinking that this might be the issue. Should I be using NLB to create a cluster for app1 and app2 and point the forward to the cluster IP address? Not sure, when they talk about load balancing, where this should be configured.

    I am using a modified RDP file to connect to Gateway.



    • Edited by wallsy Tuesday, October 6, 2020 8:59 AM
    Tuesday, October 6, 2020 8:55 AM

All replies

  • Hi,

    If your router forwards port 443 to a machine and you shut down that machine, it's not very surprising that you cannot establish new connections. And if App1 also is a (or even the only?) DC, DNS and whatnot and you shut it down, it's not unexpected that you get issues ;-)

    Evgenij Smirnov

    Tuesday, October 6, 2020 6:22 PM
  • Hi Evgenij

    I have also tried Windows NLB, a cluster with app1 and app2 in the cluster, with the router forwarding to the cluster IP address. This also failed, so I'm at a loss as to how to get this working. I understand that the results are not surprising, but you don't offer any solution. I have read a ton of documentation on this and mostly there is a trend to just show a setup that uses 1 server to host all the services, which is OK for a quick how-to, but not really a real solution that has failover and some resilience.

    Wednesday, October 7, 2020 7:03 AM
  • Hi,

    I wrote a lengthy reply but then the portal engine ate it. 

    I agree that most tutorials you're likely to find on the Internet put everything on the same machine. In my world, however, the opposite is true:

    • No other role will ever coexist with a Session Host (those are to be treated like desktops, so likely to be rebuilt if an app misbehaves or malware hits)
    • No other role will ever coexist with RDG (since it has a leg in untrusted zone)
    • Friends don't let friends use WNLB in virtualised environments (actually, strike virtualised)
    • SQL can only be colocated with broker if there's HA for SQL as well

    So your deployment needs at least six machines:

    • SQL + Licensing
    • RDG (can add another and build a farm if you have HLB)
    • 2x (Broker + RDWeb) balanced by HLB or even round robin DNS - the latter is certainly more than sufficient for Web
    • 2x Session Hosts (or more, as you see fit or your collections require)

    Here's how you load balance RDS:

    Evgenij Smirnov

    Wednesday, October 7, 2020 7:29 AM
  • Unfortunately we do not have the resources to make 6 servers, or have a Kemp load balancer, so the setup that we have chosen to go with would be the following. I note all that you have said, but for now this is the only option for me. Is there any way for this to work?

    App1 Session Host: Connection Broker, RD Gateway, Session Host, RDWeb

    App2 Session Host: Connection Broker, RD Gateway, Session Host

    DC Domain Controller: DC, this is domain, SQL Express and RDS licensing (Connection Broker HA DB)

    RD Gateway is in a farm with App1 and App2

    Connection Broker is in HA mode, App1 and App2, with SQL Express on the DC

    I have installed NLB on App1 and App2, multicast, affinity none, on separate NICs, and created a cluster with an IP

    I have pointed the router port forward to the NLB cluster, 443 and 3391

    Also created a DNS A record for NLB

    Can ping the cluster from all servers and the router

    When trying to connect, I get an error: "Can't connect to the remote PC because the Remote Desktop Gateway server is temporarily unavailable. Try connecting later or contact your network administrator for assistance, error code 0x3000062."

    This works if I point the forward to one of the App servers, but not the cluster with the same machines in it!!

    Wednesday, October 7, 2020 8:07 AM
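The thread never shows how the two-node layout was verified, so here is an added diagnostic script (written for this page, not posted by anyone in the thread and not Microsoft's tooling) that checks the pieces the original post and the last reply depend on: DNS round robin for the HA broker name, TCP 443 reachability of each node and of the NLB virtual IP, which broker is currently active and which hosts are broker members, NLB node state, and the link-layer address the admin host sees for the NLB VIP. It assumes the names from the thread (app1, app2, RDHACB), RSAT's RemoteDesktop and NetworkLoadBalancingClusters modules on the host it runs from, and uses placeholders for the two values the thread never gives: the DNS name of the NLB A record (`rdsnlb`) and the AD DNS suffix (`corp.example`).

```powershell
<#
  Added RDS/NLB failover diagnostic (not from the thread).
  Run from a domain-joined admin host. Placeholders: -NlbName and -Domain.
#>
param(
    [string]   $BrokerHaName = 'RDHACB',          # HA broker DNS name used in the thread
    [string]   $NlbName      = 'rdsnlb',          # placeholder: A record created for the NLB VIP
    [string[]] $Hosts        = @('app1', 'app2'), # the two combined broker/gateway/session hosts
    [string]   $Domain       = 'corp.example'     # placeholder: AD DNS suffix
)

function Get-ARecords([string]$Name) {
    # Returns the IPv4 addresses a name resolves to, or an empty array.
    @(Resolve-DnsName -Name $Name -Type A -ErrorAction SilentlyContinue |
      Where-Object QueryType -eq 'A' | ForEach-Object IPAddress)
}

# 1. Round robin: the HA broker name must return each node's address, otherwise a
#    client that resolves RDHACB while one node is down never learns of the other.
$haIps = Get-ARecords "$BrokerHaName.$Domain"
foreach ($h in $Hosts) {
    $hostIps = Get-ARecords "$h.$Domain"
    $covered = @($hostIps | Where-Object { $haIps -contains $_ }).Count -gt 0
    '{0,-6} in {1} round robin: {2}' -f $h, $BrokerHaName, $(if ($covered) { 'present' } else { 'MISSING' })
}

# 2. TCP 443 to each node and to the VIP. Test-NetConnection only exercises TCP, so the
#    gateway's UDP 3391 transport is not verified here; a gateway reachable on 443 alone
#    still works, the client just stays on the HTTP transport.
foreach ($target in ($Hosts + $NlbName)) {
    $tnc = Test-NetConnection -ComputerName "$target.$Domain" -Port 443 -WarningAction SilentlyContinue
    '{0,-6} TCP 443: {1}' -f $target, $(if ($tnc.TcpTestSucceeded) { 'open' } else { 'CLOSED' })
}

# 3. Broker HA: ask whichever broker answers, so the check still works while app1 is shut down
#    (the failover case in the original post). ClientAccessName should equal the HA name.
if (Get-Module -ListAvailable -Name RemoteDesktop) {
    Import-Module RemoteDesktop
    $ha = $null
    foreach ($h in $Hosts) {
        $broker = "$h.$Domain"
        $ha = Get-RDConnectionBrokerHighAvailability -ConnectionBroker $broker -ErrorAction SilentlyContinue
        if ($ha) { break }
    }
    if ($ha) {
        'Client access name : {0}' -f $ha.ClientAccessName
        'Active broker      : {0}' -f $ha.ActiveManagementServer
        Get-RDServer -ConnectionBroker $broker |
            Where-Object { $_.Roles -contains 'RDS-CONNECTION-BROKER' } |
            ForEach-Object { 'Broker member      : {0}' -f $_.Server }
    } else {
        'Broker HA not configured, or no broker in {0} is reachable' -f ($Hosts -join '/')
    }
}

# 4. NLB: node state, plus the MAC this host has cached for the VIP. In multicast mode NLB
#    answers ARP for the VIP with a 03-BF-... multicast MAC; many routers refuse such an
#    ARP reply (or cache one node's own MAC instead), so the forward lands on a single node.
#    This shows only what the admin host sees; the router's own ARP table must be checked there.
if (Get-Module -ListAvailable -Name NetworkLoadBalancingClusters) {
    Import-Module NetworkLoadBalancingClusters
    Get-NlbClusterNode -HostName "$($Hosts[0]).$Domain" -ErrorAction SilentlyContinue |
        ForEach-Object { 'NLB node {0,-6} state: {1}' -f $_.Name, $_.State }
}
$vip = (Get-ARecords "$NlbName.$Domain")[0]
if ($vip) {
    $null = Test-Connection -ComputerName $vip -Count 1 -Quiet   # populate the neighbour cache
    Get-NetNeighbor -IPAddress $vip -ErrorAction SilentlyContinue |
        ForEach-Object { 'VIP {0} neighbour MAC: {1} (03-BF-... expected for NLB multicast)' -f $vip, $_.LinkLayerAddress }
}
```

Run it once with both nodes up to record a baseline, then again with app1 shut down as in the original post's failover test: if step 1 reports a node missing from the round robin, clients cannot find the surviving broker; if step 2 shows the VIP closed while both nodes are open on 443, the problem sits in how the router reaches the cluster address rather than in RDS itself.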