Forum Discussion

Mr_H_29744's avatar
Mr_H_29744
Icon for Nimbostratus rankNimbostratus
Nov 20, 2014

RDS Gateway - Web Access connections only

Is it possible to restrict access to the Microsoft Remote Desktop Gateway VIP with either APM or an iRule or two to only allow connections preauthenticated by the Web Access Server? Or even just a configuration on the Gateway itself?

 

The presentation is as standard build from http://www.f5.com/pdf/deployment-guides/f5-microsoft-remote-desktop-services-dg.pdf with a combination of senario 2 & 4.

 

Just wondering if there is anything already out there that has been used or can be adapted to this service.

 

APM
application delivery
design
devops
iRules
LTM
microsoft
security

3 Replies

Sort By
  • Mr_H_29744's avatar
    Mr_H_29744
    Icon for Nimbostratus rankNimbostratus
    Nov 20, 2014

    Thanks for the reply.

     

    What are the advantages of using the APM as a Gateway verses a VIP for a MS Gateway? Will I be able to use the APM Gateway to communicate with the broker via SSL or will it require various ports for access to the required resources?

     

    I still want to be able to use the presentation of the Web Access Portal.

     

    I'll have a read over this thanks.

     

  • Michael_Koyfma1's avatar
    Michael_Koyfma1
    Icon for Cirrus rankCirrus
    Nov 20, 2014

    Ah, in that case, you are definitely better off using Web Access Portal of RDS - the feature is just acting as a pure RDP proxy, but does not publish RDS feeds just yet to the APM webtop.

     

    In your case, you can just put an APM policy in front of the Gateway VS to perform pre-authentication and then you should be able to SSO right into it.