This week's problem was getting a Remote Desktop Gateway located behind a NAT to work. Here are the lessons learned:
- Issue an SSL certificate whose subject matches the public DNS name (FQDN).
- Use the default port 3389/TCP; otherwise the SSL certificate name won’t match the FQDN, returning an error:
The computer can’t verify the identity of the RD Gateway.
or, if you add the certificate to the current user’s Trusted Root Certification Authorities store:
Your computer can’t connect to the computer because the Remote Desktop Gateway server address requested and the certificate name do not match.
- Publish HTTPS port 443/TCP as well. Otherwise the connection won’t be established, returning another meaningless error:
Your computer can’t connect to the remote computer because the RDG server is temporarily unavailable.
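
As an added example (not part of the original post), this PowerShell check, run from a client outside the NAT, confirms that 443/TCP is published and reports whether the certificate the gateway presents matches the public FQDN and chains to a root this client trusts. `rdgw.example.com` is a placeholder for your gateway's public name.

```powershell
# Added example. rdgw.example.com is a placeholder for the gateway's public FQDN.
$GatewayFqdn = 'rdgw.example.com'
$Port        = 443
$script:PolicyErrors = [System.Net.Security.SslPolicyErrors]::None

$client = New-Object System.Net.Sockets.TcpClient
try {
    $client.Connect($GatewayFqdn, $Port)
} catch {
    Write-Output "FAIL: ${GatewayFqdn}:$Port unreachable. Is 443/TCP published on the NAT device?"
    $client.Close()
    return
}

try {
    # Accept every certificate so it can be inspected, but record what
    # normal validation would have rejected.
    $callback = [System.Net.Security.RemoteCertificateValidationCallback] {
        param($s, $c, $ch, $e)
        $script:PolicyErrors = $e
        $true
    }
    $ssl = New-Object System.Net.Security.SslStream($client.GetStream(), $false, $callback)
    $ssl.AuthenticateAsClient($GatewayFqdn)

    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
    $san  = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }  # Subject Alternative Name

    Write-Output "Subject : $($cert.Subject)"
    if ($san) { Write-Output "SAN     : $($san.Format($false))" }
    Write-Output "Expires : $($cert.NotAfter)"

    # Name mismatch is the condition behind the "certificate name do not match" message.
    if ($script:PolicyErrors.HasFlag([System.Net.Security.SslPolicyErrors]::RemoteCertificateNameMismatch)) {
        Write-Output "FAIL: certificate names do not cover $GatewayFqdn"
    }
    # Chain errors mean this client does not trust the issuer.
    if ($script:PolicyErrors.HasFlag([System.Net.Security.SslPolicyErrors]::RemoteCertificateChainErrors)) {
        Write-Output "FAIL: certificate chain is not trusted by this client"
    }
    if ($script:PolicyErrors -eq [System.Net.Security.SslPolicyErrors]::None) {
        Write-Output "OK: 443/TCP is reachable and the certificate validates for $GatewayFqdn"
    }
} finally {
    $client.Close()
}
```
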
That’s all, folks!