Step 9: Verifying RD Gateway Functionality

Applies To: Windows Server 2008 R2

To verify that the integration between Forefront TMG and RD Gateway is functioning, complete the following tasks:

  • Install the SSL certificate for the RD Gateway server on the CONTOSO-CLNT computer.

  • Create an entry in the hosts file for the Forefront TMG server on the CONTOSO-CLNT computer.

  • Log on to CONTOSO-CLNT as Morgan Skinner and use Remote Desktop Connection (RDC) to connect to the RD Session Host server (RDSH-SRV) by using the Forefront TMG server (TMG-SRV) that is integrated with the RD Gateway server (RDG-SRV).

  • Verify the client connection on the RD Gateway server (RDG-SRV).

  • Verify the client connection on the Forefront TMG server (TMG-SRV).

To install the SSL certificate for the RD Gateway server on the CONTOSO-CLNT computer

  1. Log on to CONTOSO-CLNT as CONTOSO\Administrator.

  2. Open the Certificates snap-in console as follows:

    1. Click Start, click Run, type mmc, and then click OK.

    2. On the File menu, click Add/Remove Snap-in.

    3. In the Add or Remove Snap-ins dialog box, in the Available snap-ins list, click Certificates, and then click Add.

    4. In the Certificates snap-in dialog box, click Computer account, and then click Next.

    5. In the Select Computer dialog box, click Local computer: (the computer this console is running on), and then click Finish.

    6. In the Add or Remove snap-ins dialog box, click OK.

  3. In the Certificates snap-in console tree, expand Certificates (Local Computer), and then click Trusted Root Certification Authorities.

  4. Right-click the Trusted Root Certification Authorities folder, point to All Tasks, and then click Import.

  5. On the Welcome to the Certificate Import Wizard page, click Next.

  6. On the File to Import page, in the File name box, click Browse, and then browse to the location where you copied the SSL certificate for the RD Gateway server. Select the certificate RDG-SRV.cer, click Open, and then click Next.

  7. On the Certificate Store page, accept the default option Place all certificates in the following store - Trusted Root Certification Authorities, and then click Next.

  8. On the Completing the Certificate Import Wizard page, confirm that the correct certificate has been selected and that the following certificate settings appear:

    • Certificate Store Selected by User: Trusted Root Certification Authorities

    • Content: Certificate

    • File Name: FilePath\RDG-SRV.cer

  9. Click Finish.

  10. After the certificate import has successfully completed, a message appears that confirms the import was successful. Click OK.

  11. In the console tree, expand Trusted Root Certification Authorities, and click Certificates. In the details pane, verify that the certificate RDG-Srv.contoso.com appears in the list of certificates.

To create an entry in the HOSTS file on the CONTOSO-CLNT computer

  1. Click Start, point to All Programs, click Accessories, and then click Notepad.

  2. Within Notepad, click File, and then click Open.

  3. Browse to C:\windows\System32\drivers\etc\. From the file type drop-down list, click All Files. Select the file hosts, and then click Open.

  4. On a new line at the bottom of the file, type 10.0.0.13 RDG-Srv.contoso.com.

  5. Click File, and then click Save. Click File, and click Exit.

  6. Log off from the CONTOSO-CLNT computer.

To connect to RDSH-SRV with RDC by using RDG-SRV

  1. Log on to CONTOSO-CLNT as Morgan Skinner.

  2. Click Start, point to All Programs, point to Accessories, and then click Remote Desktop Connection.

  3. In the Remote Desktop Connection dialog box, click Options.

  4. On the Advanced tab, click Settings.

  5. On the RD Gateway Server Settings page, click Use these RD Gateway server settings, enter the following settings, and then click OK.

    • Server name: RDG-SRV.contoso.com

    • Logon method: Allow me to select later

    • Bypass RD Gateway server for local addresses: Clear check box

  6. On the General tab, in the Computer box, type rdsh-srv, and then click Connect.

  7. In the Windows Security dialog box, type the password for contoso\mskinner, and then click OK.

  8. If the connection is successful, a Windows desktop will appear on the screen for RDSH-SRV.

To verify the client connection on the RD Gateway server

  1. Log on to RDG-SRV as CONTOSO\Administrator.

  2. On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click Start, point to Administrative Tools, point to Remote Desktop Services, and then click Remote Desktop Gateway Manager.

  3. In the Remote Desktop Gateway Manager console tree, expand RDG-SRV (Local), and then click Monitoring.

  4. In the Monitoring details pane, verify an active connection.

  5. Select the active connection to review information about the remote connection.

To verify the client connection on the TMG server

  1. Log on to TMG-SRV as CONTOSO\Administrator.

  2. Open Forefront TMG Management. To open Forefront TMG Management, click Start, point to All Programs, click Microsoft Forefront TMG, and then click Forefront TMG Management.

  3. On the Welcome to Forefront TMG Wizard page, click Close.

  4. In the Getting Started Wizard window, click Yes.

  5. In the Forefront TMG console tree, expand Forefront TMG (TMG-Srv), and then click Monitoring.

  6. On the Session tab, review the active connections.

You have successfully deployed and demonstrated the functionality of integrating the Forefront TMG with the RD Gateway on Remote Desktop Services. You connected to an RD Session Host server by using Forefront TMG and RD Gateway with an authorized remote user account using Remote Desktop Connection. You can also use this deployment scenario to configure and test some of the additional capabilities of integrating the Forefront TMG and the Remote Desktop Services.