KB ID 0001141
Problem
Eleven days! That’s how long it took to fix this. After seven days, I bit the bullet and logged a call to Microsoft. I spent hours on the phone to the Remote Desktop Team, the Web Application Proxy Team, and the Networking Team. I replicated the error by building a complete new domain, PKI, ADFS, Remote Desktop Deployment and Web Application Proxy Server. Then today I got a call from the ‘Connectivity Team’ who had it fixed in about 45 minutes.
Symptoms:
I had the entire deployment built in VMware, and it was deployed behind a Cisco ASA 5510, (it was a proof of concept for a client). The Web Application Proxy was in a DMZ. All this was sat on my test bench, and I was remote VPN connected. To test, I was using a Windows 10 client that was running on my laptop, (in VMware Fusion). I had all the public DNS names in the remote client’s ‘Hosts file’.
Your computer can’t connect to the remote computer because the Remote Desktop Gateway server’s certificate has expired or has been revoked. Contact your network administrator for assistance.
After trying to get rid of this error, Microsoft asked me to put another client in the DMZ, and try connecting through the Web Application Proxy from there. Then I got this error:
Your computer can’t connect to the remote computer because an error occurred on the remote computer that you want to connect to. Contact your network administrator for assistance.
Solution
I had the Remote Desktop Web Access, and the Remote Desktop Gateway roles installed on the same server, (which is fine). You will notice if you look at the examples I posted above, that the URL for web access was https://remote.smoggyninja.com (1), and the Gateway is set to rdg.smoggyninja.com (2). Both of these resolved to the public IP address of the Web Application Proxy. Then on the Web Application Proxy they resolved to the internal IP address (192.168.100.114 set in the server’s hosts file).
This was the problem! Simply changing the advertised name of the Remote Desktop Gateway server from ‘rdg’ to ‘remote’ fixed all the problems.
Launch Server Manager > Remote Desktop Services > Collections > {Collection-name} > Tasks > Edit Deployment Properties > RD Gateway > Change > Apply.
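The same change can be made from PowerShell with the RemoteDesktop module. This is an added example, not part of the original article: it reads the deployment's current gateway settings, compares the advertised name with the name published through the Web Application Proxy, and only rewrites the name, keeping the other settings as they are. The `$ConnectionBroker` and `$PublishedFqdn` parameter names are assumptions for the example; the default FQDN is the one used in this article.

```powershell
# Added example (not from the original article).
# Run elevated on a server in the RDS deployment.
param(
    # FQDN of your RD Connection Broker (parameter name chosen for this example)
    [Parameter(Mandatory)] [string] $ConnectionBroker,
    # Name published through the Web Application Proxy (value from the article)
    [string] $PublishedFqdn = 'remote.smoggyninja.com'
)

Import-Module RemoteDesktop

# Read what the deployment currently advertises to clients.
$current = Get-RDDeploymentGatewayConfiguration -ConnectionBroker $ConnectionBroker
$current | Format-List GatewayMode, GatewayExternalFqdn, LogonMethod,
                       UseCachedCredentials, BypassLocal

if ($current.GatewayMode -ne 'Custom') {
    # Nothing to rename: the deployment is not advertising a specific gateway.
    Write-Warning "GatewayMode is '$($current.GatewayMode)', not 'Custom'; no change made."
    return
}

# -eq is case-insensitive for strings, which suits DNS names.
if ($current.GatewayExternalFqdn -eq $PublishedFqdn) {
    Write-Output "Gateway already advertised as $PublishedFqdn; no change made."
    return
}

Write-Output "Changing advertised gateway name from $($current.GatewayExternalFqdn) to $PublishedFqdn"

# Custom mode requires all four settings, so pass the existing values back
# unchanged and replace only the external FQDN.
Set-RDDeploymentGatewayConfiguration -ConnectionBroker $ConnectionBroker `
    -GatewayMode Custom `
    -GatewayExternalFqdn $PublishedFqdn `
    -LogonMethod $current.LogonMethod `
    -UseCachedCredentials $current.UseCachedCredentials `
    -BypassLocal $current.BypassLocal `
    -Force

# Confirm the deployment now advertises the published name.
(Get-RDDeploymentGatewayConfiguration -ConnectionBroker $ConnectionBroker).GatewayExternalFqdn
```

The certificate bound to the RD Gateway role still has to be valid for the published name, otherwise clients will raise a certificate warning for the new FQDN.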
Related Articles, References, Credits, or External Links
Special thanks and kudos to Nathanaël Stassart who tested the whole concept for me, and stayed engaged in the Microsoft Forum.
Hi Pete,
Just a question, how are your clients resolving the name REMOTE.SMOGGYNINJA.COM ? Are you pointing this name to your external IP address in every client’s local hosts file??
Thanks in advance
Regards
In that example I am yes, but obviously in production, you will need to publicly register a domain and hostname.
P
Cheers Pete, solved my issue today! Bookmarked for future!