How to use a single DNS domain name to access Remote Desktop Web Access from Internet via TMG 2010


  • I didn't find an answer to my question after searching, so I would like to get some help here.

    I have a Windows 2008 R2 RD Web Access and RD Gateway set up on the same server. I use a commercial SSL certificate for RDWeb publishing via TMG 2010. My goal is to use a single DNS domain name to access the RDWeb applications internally and externally. For example, I want to use "" for both internal and external use. So far, here is what I did:

    1. Internally, I can use "" to access RD Web Access. I don't have to type "". That is easy to achieve since it is just a default page for site redirection under the IIS default web site.

    2. For external usage, I set up a publishing rule on TMG 2010 to publish the "/rdweb/*" and "/rpc/*" paths under "". I can use "" to get RD Web Access from the Internet. I also set up the listener in the TMG rule to allow HTTP redirection to HTTPS.

    So, everything appears to work fine for me. However, I just can't use "" to access RD Web Access from the Internet. If I try "", I get the error: "The Page cannot be display. Error Code: 403 Forbidden. The server denied the specified URL. Contact the server administrator (12202)"

    My question is: if we have published the "/rdweb/*" and "/rpc/*" paths under the "" site, what else should I do in the TMG rule to publish the IIS default web site "" so that the traffic will be redirected to ""?

    Has anyone achieved such a requirement? It would be nice if I could do that so users only need to remember "". They don't have to care about "" or whether they should type http/https.

    If someone can provide some guidance on this, it will be greatly appreciated.



    Dean Chen

    Monday, April 02, 2012 10:21 PM


All replies