Forum Discussion
NimbostratusRDS Gateway - Web Access connections only
Is it possible to restrict access to the Microsoft Remote Desktop Gateway VIP with either APM or an iRule or two to only allow connections preauthenticated by the Web Access Server? Or even just a configuration on the Gateway itself?
The presentation is as standard build from http://www.f5.com/pdf/deployment-guides/f5-microsoft-remote-desktop-services-dg.pdf with a combination of senario 2 & 4.
Just wondering if there is anything already out there that has been used or can be adapted to this service.
3 Replies
Michael_Koyfma1Cirrus
It surely is - but how about leveraging APM to replace your Microsoft Remote Desktop gateway? Starting with version 11.6, you can use APM as native RDP Gateway:
https://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-implementations-11-6-0.pdf
Mr_H_29744Thanks for the reply.
What are the advantages of using the APM as a Gateway verses a VIP for a MS Gateway? Will I be able to use the APM Gateway to communicate with the broker via SSL or will it require various ports for access to the required resources?
I still want to be able to use the presentation of the Web Access Portal.
I'll have a read over this thanks.
- Michael_Koyfma1
Ah, in that case, you are definitely better off using Web Access Portal of RDS - the feature is just acting as a pure RDP proxy, but does not publish RDS feeds just yet to the APM webtop.
In your case, you can just put an APM policy in front of the Gateway VS to perform pre-authentication and then you should be able to SSO right into it.
