Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral


Questions and Answers

Loading... Loading...

I am currently trying to set up the web access portion of Server 2008 R2 Remote Desktop Services through the Big IP. Currently regular remote desktop is working through the Big IP by using the deployment guide from here for regular Server 2008 (non R2 version):

http://www.f5.com/pdf/deployment-guides/windows-terminal-services08-dg.pdf

I went through the section for Web Access for this, but apparently there have been enough change to 2008 R2 RDS Web Access that it doesn't work with the setup provided for regular Server 2008.

Basically I can hit the IIS start page through the Virtual IP, but when I try to connect down to the /RDweb directory, it never connects and starts creating a loop. We have done Wireshark and LiveHTTPHeaders and with their support and we really have made any progress yet. All we know at this point is there is a loop getting created.

I have a case open right now with F5 to see if they are working internally on a 2008 R2 guide, but I thought I would check here to see if anyone else has started trying this type of set up yet. I would like to offload the SSL through the Big IP as well. We have a wildcard cert on our Big IP that we use for pretty much everything.

If I go directly to the server and bypass the Bip IP VIP that was created, everything works as expected. This is default RDS Web Access install. No changes have been made to the server or IIS config at all. There is a redirect itself in the IIS config through (by default) that when you hit http://servername.domain.com/RDweb or HTTPS://servername.domain.com/RD it redirects you to https://servername.domain.com/RDWeb/Pages/en-US/login.aspx?ReturnUrl=default.aspx

I don't know if that is causing a problem or not, but that is the default set up from Microsoft when you install that role.

Info on 2008 R2 RDS Web Access for those who are interested:

http://technet.microsoft.com/en-us/library/dd560668(ws.10).aspx

http://technet.microsoft.com/en-us/library/cc772452.aspx

http://technet.microsoft.com/en-us/library/cc772214.aspx

http://technet.microsoft.com/en-us/library/cc731508.aspx


Anybody got any ideas or is trying this kind of setup as well?

1 Answer(s):

I believe we have figured out that cause. You can set this up in a lab to verify if you need too. If you use the 2008 deployment guide (non R2 version), you need to change two parts for web access.

1. You have to create a HTTPS health monitor, instead of HTTP. Use this monitor to create your pool with your members in it.
2. Set the Server side SSL setting on the virtual IP to use the serverssl setting.

If you don't, you will get a endless loop of redirects.

Your answer:

You must be logged in to reply. You can login here.