RDS NLB not working externally


  • I have a 3-host RDS farm with the following host(s) set up:

    TS1 - RD Session Host, RD Gateway, RD Web Access, RD Connection Broker

    TS2 - RD Session Host, RD Web Access

    TS3 - RD Session Host, RD Web Access

    I also have 3 users set up for testing (test, test2 and test3) in the Domain Users group in AD.

    I believe I have everything configured correctly with regard to AD groups, DNS, etc.

    Here's the situation:

    When I'm inside the network I can launch mstsc and go to, am presented with a login credentials box and enter test and its password, get presented with a cert warning for ts1 and get a session.  Then I launch another RDP window, hit again, log in with test2 and its password, get a cert warning for ts1, then a cert warning for ts2, then get a session on ts2.  Then I launch another RDP window, hit a third time, log in with test3 and its password, get a cert warning for ts1, then a cert warning for ts3, then get a session on ts3.  As I understand it, this is the expected behavior for RDS with Gateway and NLB internally.

    HOWEVER, if I do the same steps from the internet I get a session on TS1 (the gateway) with the test account, but when entering credentials for the test2 account on the second session I get the cert screen for ts1, then RDP says configuring session, then initiating session, then hangs until I get the dreaded "Remote desktop cannot connect to the remote computer for one of these reasons..."

    I've read through everything I can find on TechNet and the web and can't seem to find the issue.  I don't care about cert issues right now, as this is a test lab and meant for a proof of concept before going live, where we'll get all the correct certs in place.

    Any help on this would be greatly appreciated!



    Monday, November 04, 2013 1:58 AM


All replies