Quick setup guide for Windows Server 2016:
- Join the Windows 2016 server to the Active Directory domain.
- Add the Remote Desktop Services role.
- Create a Connection Authorization Policy. This policy specifies which groups are allowed to access this Remote Desktop Gateway.
- Create a Resource Authorization Policy. This policy specifies which servers are allowed access by which groups.
- Purchase an SSL Certificate from a public Certificate Authority like Comodo, DigiCert, Godaddy etc.
- Apply the SSL Certificate to the Remote Desktop Gateway.
- Accept the default Remote Desktop Gateway TCP Port of 443 or change it to a port of your choosing.
- Test the Remote Desktop Connection to a server behind the Remote Desktop Gateway DIRECTLY from the Remote Desktop Gateway server. This is to ensure that there is connectivity from the Remote Desktop Gateway to the servers that clients will need to connect to.
- Modify or create your firewall Rule to allow the Remote Desktop Gateway port to the Remote Desktop Gateway server.
- Test the Remote Desktop Connection to a server behind the Remote Desktop Gateway from the internet. You need to configure the Remote Desktop Client with the Remote Desktop Gateway address and port number.
Configuring the RD Client to use the Remote Desktop Gateway
- Verify the external server name or IP address and Port for the Remote Desktop Gateway
- Install an SSL Certificate on the Remote Desktop Gateway
- IF USING A SELF-SIGNED SSL CERTIFICATE: Trusting the Self-Signed SSL Certificate on the client. This step is optional on Mac clients, but MUST be done on Windows PCs to connect.
- Configuring the Remote Desktop client on the Mac AND/OR configuring the Remote Desktop client on Windows.