Set Up TS Gateway
TS Gateway provides secure access to an organization's internal network where, with the proper credentials, the user can access the resources on the network, including computers, drives, and printers. TS Gateway provides all of the security, and possibly more than is available in L2TP VPN, yet it is easier to set up and easier to use. Most importantly, TS Gateway works well with firewalls, so that you can have pretty tight firewall settings and still remotely access the network on the other side of a firewall and across a network address translator (NAT).
TS Gateway is a role service within the TS role. In the "Install the Terminal Services Roles" section earlier in this tutorial, it was recommended that TS Gateway be installed at the same time TS was installed. If you haven't installed the TS Gateway role service, return to the "Install the Terminal Services Roles" section and do that now, including identifying or creating a security certificate and TS CAP and TS RAP policies.
TS Gateway is controlled by TS Gateway Manager, where you can control, among other items, who connects, what resources they use, whether redirection is allowed, and the specific security features in use. The TS Gateway Manager can be opened from either the Start menu or from the Server Manager.
- Open the TS Gateway Manager by clicking Start | Administrative Tools | Terminal Services | TS Gateway Manager.
Or, in the Server Manager, open Roles and Terminal Services, and click TS Gateway Manager.
In either case, the TS Gateway Manager will open. Double-click your server name in the middle pane to open the TS Gateway server. - In the middle pane:
- Click Monitor Active Connections to see a list of connections, to change the connection limit, and to edit and disconnect a connection.
- Click View Or Modify Certificate Properties to see a list of certificates and their properties or to create a new one.
- Click View Connection Authorization Policies (CAP) or View Resource Authorization Policies (RAP) to create a new policy and to change, disable, or delete the current policy.
- In the Actions pane, click Properties to open the server Properties dialog box. Here, you can limit the number of connections, select an existing certificate to use or create a new one, and manage several other features of TS Gateway. Close the server Properties dialog box when you are ready.
In the Actions pane, you can also export and import the TS Gateway server policies and configuration settings to and from a file that you can use with other servers.
TS Gateway should be considered as an excellent alternative to VPN that is arguably more secure, or at least as secure as L2TP or SSTP, and that is definitely easier to set up.
In this tutorial:
- Terminal Services Remote Desktop
- Understand Terminal Services
- Set Up Terminal Services
- Terminal Services Configuration
- Terminal Services Manager
- Use Applications Server Mode
- Manage TS RemoteApp
- Distribute a RemoteApp Program
- Using Remote Desktop Connection with RemoteApp Programs
- Set Up and Use TS Web Access
- Set Up TS Gateway
- Enable TS Session Broker
- Implement TS Licensing
- Activate a TS Licensing Server and Install Licenses
- Use Remote Administration Mode
- Remote Desktop Connection