10.8. Procedure – Configuring Remote Desktop clients for gateway authentication

Purpose: 

To configure the Remote Desktop applications of the clients to perform two separate authentications: one on the Remote Desktop Gateway (that is, on PSM), and one on the target server. For details on configuring PSM to act as a Remote Desktop Gateway (or RD Gateway), see Procedure 10.7, Using PSM as a Remote Desktop Gateway.

Prerequisites: 

  • PSM must be configured to act as a Remote Desktop Gateway. For details, see Procedure 10.7, Using PSM as a Remote Desktop Gateway.

  • The client must use version 6.1 or newer of the Remote Desktop application.

  • The target server must be member of a domain.

  • The logical interface of PSM must be accessible from the client. You might have to add the address of the logical interface to the Windows/System32/Drivers/etc/hosts file to accomplish this.

Steps: 

  1. On your Windows client, start the Remote Desktop Connection application and select Advanced > Settings.

    Figure 10.7. Configuring Remote Desktop clients to use PSM as a Remote Desktop Gateway (or RD Gateway)

    Configuring Remote Desktop clients to use PSM as a Remote Desktop Gateway (or RD Gateway)
  2. Configure the client to use PSM as its Remote Desktop Gateway. Select Connection settings > Use these RD Gateway settings.

    Figure 10.8. Configuring Remote Desktop clients to use PSM as a Remote Desktop Gateway (or RD Gateway)

    Configuring Remote Desktop clients to use PSM as a Remote Desktop Gateway (or RD Gateway)
  3. Enter the address of PSM into the Server name field. Use the address of the PSM's logical interface that you have configured to accept RDP connections.

  4. Select Logon method > Ask for password (NTLM).

  5. Uncheck the Bypass RD Gateway server for local addresses and Use my RD Gateway credentials for the remote computer options.

    Note

    Technically, gateway authentication is performed even if the Use my RD Gateway credentials for the remote computer option is selected, but the same credentials are used on the gateway and on the remote server.

  6. Click OK.

  7. Into the Username enter the domain username (for example, exampledomain\exampleusername).

  8. Click Connect.

    Note

    Depending on your network environment, it might take up to a minute until the connection is established.