Windows Server 2008 Terminal Services Gateway #2

Configuration of the Terminal Services Gateway is fairly straightforward. The following diagram shows the simplified configuration of how I configured it to get access to my home lab.

 

 

 

 

Windows 2008 provides wizards for all of it different components and the configuration of Terminal Services Gateway is probably the easiest in the entire solution. The most difficulty most people will encounter will be with acquiring SSL certificate for TS Gateway. You have a few choices here:

1. Get this certificate from one of the commercial CAs.

2. Implement your own PKI (like in my lab)

3. TS Gateway can issue self signed certificate. This is usually used only for testing.

Another challenge is to provide name resolution to the public IP address assigned to your router by your Internet service provider. Usually this IP is assigned via DHCP and unless you pay extra money to have static IP it can change. In my experience, if you keep your router powered on 24/7 the IP address doesn’t change very frequently. So use one of the many Dynamic DNS free services to keep the DNS name up to date with current IP address or just update it manually if you find that the IP has changed.

The key point here is that the name on the certificate you install on the TS Gateway must match the FQDN assigned to Public IP address on your router

Next time we’ll talk about how to configure TS Gateway server.