How to Access Citrix VDI-in-a-Box 5.1 Desktops through Microsoft Remote Desktop Gateway
Citrix have released a new version of VDI-in-a-box 5.1 and this guide makes it possible to access you VDI internal and external with Microsoft Remote Desktop Gateway.
I recommend that you use Citrix Netscaler Access Gateway.
Summary
This article describes how to access VDI-in-a-Box 5.1 desktops through Microsoft Remote Desktop Gateway.
Requirements
- VDI-in-a-Box 5.1 grid
- Windows 2008 R2 Service Pack 1 server with access to internet and intranet.
Background
Citrix Access Gateway Enterprise Edition lets the users access VDI-in-a-Box desktops using HDX remote protocol. In certain scenarios when the customers want their users to access VDI-in-a-Box desktops from internet using RDP remote protocol, the users must use Microsoft Remote Desktop Gateway. This article details the steps they need to take to configure RD Gateway and VDI-in-a-Box so that the users can access their desktops using RDP remote protocol.
Procedure
- Configure Windows 2008 R2 server. The server should be in the same domain as the VIAB desktops.
- Configure Remote Desktop Gateway service in the Remote Desktop Services role.
- Configure IIS and RD Gateway services by accessing the Server Manager UI. Then select Roles, and click Add Roles, as displayed in the following screen shot:
- Select Remote Desktop Services and Web Server (IIS) roles and click Next on this as well as the subsequent two screens, as displayed in the following screen shots:
- Select Remote Desktop Gateway service and click Next:
- Click Add Required Role Services on the Add Roles Wizard screen:
- Select a Certification Authority (CA) issued or self-signed SSL certificate for SSL encryption and click Next:
- Select Now on the Create Authorization Policies for RD Gateway screen and click Next, as displayed in the following screen shot:
- Click Add to add the user groups that can connect remotely through RD Gateway and the click Next:
- Click Next on the Create an RD CAP for RD Gateway screen:
- Select Allow users to connect to any computer… and click Next, as displayed in the following screen shot:
- Click Next:
- Do not clear Network Policy Server. Click Next on this and the subsequent two screens:
- Click Install to start the installation, as displayed in the following screen shots:
- Once the installation is complete, click Close:
- Download IIS Application Request Routing (ARR) 2.5 or higher from http://www.iis.net/download/applicationrequestrouting and install it on Windows 2008 R2 server, as displayed in the following screen shot:
- Click I Accept to agree to the license terms:
- Click Finish:
- Select the application for installation and click Install, as displayed in the following screen shot:
- Restart the Windows 2008 server.
- Re-logon to Windows 2008 server and start Server Manager.
- Navigate to Roles > Web Server (IIS) > Internet Information Services (IIS) Manager in the left panel and click on URL Rewrite in the right panel to start URL Rewrite configuration manager, as displayed in the following screen shot:
- Click Add Rule(s)… to start the Add Rule(s) dialog, as displayed in the following screen shot:
- Select Reverse Proxy and click OK twice, as displayed in the following screen shots:
- Enter IP address of a vdiManager in the grid or the grid IP address, select Enable SSL Offloading, and click OK, as displayed in the following screen shot:
- Click Edit… to edit the inbound rule, as displayed in the following screen shot:
- Enter dt/(.*) in the Pattern field, as displayed in the following screen shot:
- Enter the IP in the pattern http://<IP address of a vdiManager or grid>/{R:0} in Rewrite URL field. Select Append query string and clickApply, as displayed in the following screen shot:
Configuring vdiManager
- Navigate to the Admin tab.
- Click on Advanced Properties link.
- Configure RDP Gateway properties and click OK:
Source
CTX134286