ComputersConsumer ElectronicsCell PhonesHome Theater & AudioInternetGraphic Design & Video EditingIndustrial Technology

How to Remote Desktop via Proxy Server to a Remote Desktop Server

Updated on December 19, 2016
Click thumbnail to view full-size

Why the Need to Use a Proxy Server ?

Small to medium companies often allow all outbound traffic. However, an increasing number of medium to large companies are filtering outbound traffic, including RDP traffic, and often have the need for such a connection to go through a proxy server. In such situations clients can no longer Remote Desktop directly across to the Terminal Servers using the Microsoft Remote Desktop Client or other variations.

In such organisations, a type of proxy server needs to be installed. Most web browsers and some applications have settings for a proxy server to be entered so that users can access the Internet services provided by the web browsers and applications.

The standard Microsoft Remote Desktop Client software does not have this option.

Infrastructure Requirements

The infrastructure must contain the following servers:

1. A Server with the Remote Desktop Services Role installed and the Remote Desktop Session Host and Remote Desktop Web Access Role Services installed. This is the actual Remote Desktop Server which clients will run remote desktop to and run the published apps from.

2. A Server with the Remote Desktop Services Role installed and the Remote Desktop Gateway and Remote Desktop Web Access Role Services installed. This will be the landing page where the users will connect to via Internet Explorer. It will connect to the server's Remote Desktop Web Access portal, and once logged in, users will see the published apps they have permissions to. One of the applications that can be enabled for users to use is the Remote Desk Client Active X version.

3. A Server with the Remote Desktop Services Role installed and the Remote Desktop Connection Broker Role Services installed. This is used to configure the Source.



Configurations Required on the Remote Desktop Session Host and Web Access Server

1. Install the necessary application on the server i.e. the application you want to publish.

2. Run Remote App Manager to publish the application.

3. Make sure the RD Gateway Settings are configured. This is the key to making it possible to Remote Desktop through a proxy server.

4. Repeat above steps on all RD Session Host servers.


RemoteApp Manager

RemoteApp Manager Deployment Settings

Configurations Required on the Remote Desktop Gateway

RD Gateway Manager is used to configure the following:

1. A valid SSL Certificate needs to be purchased (or a self-signed one created) and installed on the Remote Desktop Gateway.

2. Connection Authorization Policies - this determines which users or groups have access to use the Remote Desktop Gateway. It's better to use groups.

3. Resource Authorization Policies - this determines which resources on the network can be access by which users or groups.

4. Run Remote Desktop Web Access Configuration to configure the Source of the Remote App Programs. They can be the name of the individual Remote Desktop Session Host Servers or the name of the Remote Desktop Session Host Farm, or alternatively if you have setup a Remote Desktop Session Broker (i.e. you are using session broker for load balancing), specify the name of the server with the Session Broker role.

RD Gateway Manager - Connection Authorization Policies

RD Gateway Manager - Resource Authorization Policies

RD Web Configuration

Configurations Required on the Remote Desktop Connection Broker (in using Session Broker)

1. Run Remote Desktop Connection Manager. In the Remote App Sources section, Add the Remote App Source, which is the name of the Remote Desktop Session Host Farm.

Remote Desktop Connection Manager

Conclusion

You should now have an idea for how to setup Remote Desktop through a Proxy Server. The key in all of this is the Remote Desktop Gateway. While Remote Desktop Web Access allows accessing the application via a web portal, it is only the Remote Desktop Gateway which allows a user to connect to it via a proxy server, and then can connect to the Remote Desktop Session Host on the client's behalf without the client needed to be able to access it directly.

Comments

    0 of 8192 characters used
    Post Comment

    • sengstar2005 profile image
      Author

      sengstar2005 11 months ago from Sydney

      Hi Prasun,

      The article was meant for a situation where a company is hosting an application which runs under Remote Desktop services for their clients. Some companies do not mind their employees remote desktop directly to the internet to connect to services. Some companies restrict outgoing traffic altogether and allow only http/https traffic via a proxy server to the internet. Therefore, the company hosting the application need to come up with a solution so that they can offer their application to the client who is only allowed to use http/https traffic. This article shows how to setup the Microsoft Remote Desktop services environment so that it can be accessed by a web browser (Internet Explorer) via a proxy server from a client's premise. By a web browser, I don't mean one person accessing it. I mean many users all connecting simultaneously into their own Remote Desktop sessions but done via their own web browser.

    • profile image

      Prasun Bose 11 months ago

      The above steps seems to be too technical. Instead, I would recommend use of remote support tools like logmein, R-HUB remote support servers, teamviewer etc. They are easy to use and work well.