RD Web Access redirection issue RRS feed

  • Question

  • I'm trying to redirect http://rdsfarm.company.com to https://rdsfarm.company.com/rdweb

    The listener is directing http to https just fine.  However, redirecting to /rdweb is a problem.

    My RD Gateway role is also on the same server as the RD Web Access role.  This allows us to use a single external IP and 1 name certificate.  My rule's path has both <same as internal> for external, then one for /rdweb/* and another for /rpc/*

    I Googled around, and found 2 solutions that do not work for me:

    1) Make external path /* and internal path /rdweb/*.

     - TMG does not allow this if /rpc/* path exists.  Removing /rpc/* works in redirecting, but makes RD Gateway inaccessible.

     - If I make ext path /, it redirects me to https://rdsfarm.mycompany.com/Pages/default.aspx/ and I get an error 403.  The path should be: https://rdsfarm.mycompany.com/rdweb/Pages/en-US/login.aspx?ReturnUrl=default.aspx  (note the missing "rdweb", "en-US", and "login.aspx?").

    2) Action - Deny and redirect to http://rdsfarm.mycompany.com/rdweb

     - Seems to cause a problem with too many redirects error on the browser.  In IE, I get nothing.

    Any suggestions?

    • Edited by Guy Techie Friday, October 26, 2012 5:58 PM
    Friday, October 26, 2012 5:49 PM


  • Well, I found my own answer.  It was trial and error.  Maybe there is a better way.  For the benefit of the community, here goes:

    1) To redirect HTTP to HTTPS, simply enable HTTP and HTTPS in the Connections tab (for the Listener).  Make sure "Redirect all traffic from HTTP to HTTPS" is chosen.

    2)  Copy the original rule ("RD Gateway Rule", which in the Paths tab has /rpc/* and /rdweb/* coming from <same as path> externally) and called the new rule "RD Web Access Rule".

    3) Edit the new "RD Web Access Rule" Paths tab to only have "/*" as the external path, and "/rdweb/*" as the internal path.

    4) Make sure that the RD Gateway Rule is above the RD Web Access Rule.

    5) Apply everything.

    So TLDR: Actually need 2 separate rules to accomplish this, both using the same Listener.

    • Marked as answer by Guy Techie Friday, October 26, 2012 9:20 PM
    • Edited by Guy Techie Friday, October 26, 2012 9:20 PM
    Friday, October 26, 2012 9:20 PM