I need to publish an RDWEB application from an Internal Server using RDGateway.
Here are the details:
I have an internal Terminal Server on a Domain Private VLAN running Windows 2016.
It only has inbound public access on TCP Port 443 and UDP Port 3391 with DUO MFA through a Load-Balancing Proxy, which offloads SSL and then re-encrypts the 443 traffic for the RDG.
It is NOT on a DMZ, and is NOT using Citrix.
I need to use the same server for both RDG and RDWEB.
Internal domain RDG server is (fake name and domain): "RDServer1.xyzdomain.local"
External domain is (fake name and domain): "xyzdomain.com"
I have published the RDWEB Portal at: "https://appname.xyzdomain.com/RDWEB"
I have published the RD Gateway at: "https://apps.xyzdomain.com"
I have installed a wildcard cert (*.xyzdomain.com) on both the RDG and RDWEB instances.
When I connect to the RDWEB Portal from outside the domain, it connects fine (no cert errors) and shows the published apps.
When I click on a published app, it downloads a .RDP file that is set to connect on Port 3389, and points to my internal private domain server (RDServer1.xyzdomain.local), which cannot work, because,
a. My certificate does not cover my internal domain, and
b. Port 3389 is not open from the outside.
I've tried editing the .RDP file, but still get errors such as: "RD Gateway not available", etc.
HOW DO I MAKE THIS WORK???
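An added check, not part of the original post: a small script that inspects the downloaded .RDP file for exactly the two conditions listed under a. and b. (target name outside the wildcard cert, target port not open) and reports whether the file routes through an RD Gateway instead. The key names are standard .RDP settings; the sample file contents, the single-label wildcard rule and the gatewayusagemethod values treated as "via gateway" are assumptions.

```python
"""Check an RDWeb-generated .RDP file for the problems described in the post.

Added example, not from the original post. Key names (full address,
gatewayhostname, gatewayusagemethod) are standard .RDP settings; the
wildcard-matching rule and the sample file contents are assumptions.
"""

# Constructed sample: the downloaded file as the post describes it
# (internal host, port 3389, no gateway declared).
DOWNLOADED_RDP = """\
full address:s:RDServer1.xyzdomain.local:3389
remoteapplicationmode:i:1
gatewayusagemethod:i:0
"""

# Constructed sample: the same file with the post's RD Gateway declared.
WITH_GATEWAY_RDP = DOWNLOADED_RDP.replace(
    "gatewayusagemethod:i:0",
    "gatewayhostname:s:apps.xyzdomain.com\ngatewayusagemethod:i:1")


def parse_rdp(text):
    """Parse 'name:type:value' lines into {name: value}; malformed lines are skipped."""
    settings = {}
    for line in text.splitlines():
        parts = line.strip().split(":", 2)
        if len(parts) == 3:
            settings[parts[0].lower()] = parts[2]
    return settings


def cert_covers(pattern, host):
    """True if the certificate name matches host (a wildcard covers one label only)."""
    pattern, host = pattern.lower(), host.lower()
    if pattern.startswith("*."):
        suffix = pattern[1:]
        return host.endswith(suffix) and "." not in host[:-len(suffix)]
    return pattern == host


def check_rdp(text, cert_name="*.xyzdomain.com", open_ports=(443,)):
    """Return the reasons the file cannot work from outside (empty if none found)."""
    s = parse_rdp(text)
    host, _, port = s.get("full address", "").rpartition(":")
    if not host:                      # no ':port' suffix present
        host, port = port, "3389"     # RDP default port
    problems = []
    # Assumption: usage method 1 (always) or 2 (if needed) means the gateway is used.
    if s.get("gatewayhostname") and s.get("gatewayusagemethod") in ("1", "2"):
        if not cert_covers(cert_name, s["gatewayhostname"]):
            problems.append("gateway name not covered by " + cert_name)
        return problems               # target is reached through the gateway
    if not cert_covers(cert_name, host):
        problems.append("direct target %s not covered by %s" % (host, cert_name))
    if int(port) not in open_ports:
        problems.append("direct target port %s not open from outside" % port)
    return problems
```

Running check_rdp on DOWNLOADED_RDP reports both a. and b.; on WITH_GATEWAY_RDP it reports nothing, which only says the file declares a gateway covered by the cert, not that the "RD Gateway not available" error is resolved.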
