To define whether users will connect to the Remote Desktop Session Host (RD Session Host) server across a firewall through Remote Desktop Gateway (RD Gateway), you can configure RD Gateway deployment settings.

Membership in the local Administrators group, or equivalent, on the RD Session Host server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at https://go.microsoft.com/fwlink/?LinkId=83477.

To configure RD Gateway settings
  1. On the RD Session Host server, open RemoteApp Manager. To open RemoteApp Manager, click Start, point to Administrative Tools, point to Remote Desktop Services, and then click RemoteApp Manager.

  2. In the Actions pane of RemoteApp Manager, click RD Gateway Settings. (Or, in the Overview pane, next to RD Gateway Settings, click Change.)

  3. On the RD Gateway tab, configure the desired RD Gateway behavior. You can configure whether to automatically detect RD Gateway server settings, to use RD Gateway server settings that you specify, or to not use an RD Gateway server.

    If you select Automatically detect RD Gateway server settings, the client tries to use Group Policy settings to determine the behavior of client connections to RD Gateway.

    If you select Use these RD Gateway server settings, do the following:

    1. Configure the RD Gateway server name and the logon method.

      Important

      The server name must match what is specified in the Secure Sockets Layer (SSL) certificate for the RD Gateway server.

    2. If you want the connection to try to use the same user credentials to access both the RD Gateway server and the RD Session Host server, select the Use the same user credentials for RD Gateway and RD Session Host server check box. However, users may still receive two prompts for credentials if conflicting credentials exist from any source such as Group Policy settings, and those credentials do not work. They may also receive two prompts for credentials if default credentials are used for the connection and those credentials do not work.

    3. If you want the client computer to automatically detect when RD Gateway is required, select the Bypass RD Gateway server for local addresses check box. (Selecting this option optimizes client performance.)

      To always use an RD Gateway server for client connections, clear the Bypass RD Gateway server for local addresses check box.

  4. When you are finished, click OK.

For more information about RD Gateway, see the Remote Desktop Services page on the Windows Server 2008 R2 TechCenter (https://go.microsoft.com/fwlink/?LinkId=140433).

For more information about Group Policy settings for Remote Desktop Services, see the Remote Desktop Services Technical Reference (https://go.microsoft.com/fwlink/?LinkId=138134).

Additional references