Mark Berry September 1, 2014
I usually use straight RDP to connect to my Windows Server 2012 R2 Essentials machine, but I wanted to try Remote Web Access. I had no problem logging in to the RWA web page, but when I clicked on the sever and tried to open the RDP session through the gateway, it failed with no message.
This blog article sounded promising. Yes, I could connect through RWA by manually specifying the gateway address in Remote Desktop. The suggested fix is to re-configure the gateway address in IIS. But I couldn’t find that DefaultTSGateway setting on the Essentials machine, perhaps because the full RD Web role is not installed. I later downloaded the .rdp file offered by RWA and opened it in Notepad++. The gateway looked right.
dism /online /Enable-Feature:Gateway-UI
then started tsgateway.msc. It said my certificate was fine.
This ServerFault article about SBS 2011 mentioned that one problem is that in IIS, Windows Authentication is not enabled under the Default Web Site for Rpc and RpcWithCert. It was already enabled under Rpc:
but was not enabled under RpcWithCert:
At one point I enabled Windows Authentication at the root of the Default Web Site, and I was in fact able to connect via RWA. Then I realized I should be looking at the Rpc and RpcWithCert applications, so I disabled Windows Authentication at the Default Web Site root. I could still connect, even though I made no changes to Rpc and RpcWithCert! Huh? Maybe just installing the RD Gateway Manager and opening it reset the certificate?
Unfortunately, when I asked a colleague to try this from his computer, he also couldn’t connect. Still trying to figure out why it only works sometimes.
I stumbled across this as a possible workaround. When you try to log in and it pops right back with the login prompt, choose Use another account.
Then enter the same username, without changing the domain:
This has worked to get me in, though I have no explanation for why it doesn’t work with the domain\username provided by the RWA link.