Your company runs Remote Desktop Services. You have a Remote Desktop Web Access (RD Web
Access) server. You publish several applications on the internal network by using RD Web Access.
You need to ensure that the published applications are accessible from the Internet via an HTTPS
connection over port 443. What should you do first?
A.
Use Internet Information Services (IIS) Manager to disable Forms Authentication.
B.
Use Internet Information Services (IIS) Manager to enable Windows Authentication.
C.
Install and configure the Remote Desktop Gateway (RD Gateway) role service on the RD Web
Access server.
D.
Install and configure the Remote Desktop Connection Broker (RD Connection Broker) role service
on the RD Web Access server.
Explanation:
Remote Desktop Services in Windows 2008 R2 – Part 2 – RD Gateway The RD Gateway was formerly
known as Terminal Server (TS) Gateway. TS Gateway opened up Remote Access barriers providing
access to our Terminal Servers via SSL or port 443, as opposed to the conventional “legacy” VPN
access through either IPSEC or L2TP. In Windows Server 2008 R2, not much has changed and in
today’s article I will provide you with a step by step guide on configuring your RD Gateway which will
provide your remote users access to the Remote Desktop Host or RD Web Access via any Internet
connection utilizing Remote Desktop Connection client over HTTPS.
http://sharepointgeorge.com/2009/remote-desktop-services-windows-2008-r2-part-2-gateway/
Checklist: Make RemoteApp Programs Available from the Internet By using RemoteApp together
with RD Gateway, you can enable users to connect from the Internet to individual programs on a
Remote Desktop Session Host (RD Session Host) server without having to first establish a virtual
private network (VPN) connection. Depending on the deployment method that you choose, remote
users can connect to a program by opening an .rdp file, by clicking a shortcut to a Windows Installer
package on their desktop or Start menu, or by accessing a RemoteApp program through RemoteApp
and Desktop Connection by using RD Web Access. http://technet.microsoft.com/enus/library/cc772415.aspx Configure the Remote Desktop Web Access Server to Allow Access from
the Internet To allow users to access the RD Web Access server from the Internet, you can also
deploy RD Gateway. A recommended configuration is to place both the RD Gateway server and the
RD Web Access server in the perimeter network, with the Remote Desktop Session Host (RD Session
Host) servers that host RemoteApp programs behind the internal firewall. For more information
about how to deploy RD Gateway and about how to make RemoteApp programs available from the
Internet, see Checklist: Make RemoteApp Programs Available from the Internet. After you havedeployed RemoteApp programs, RD Gateway, and RD Web Access, you must configure your firewall
to allow Windows Management Instrumentation (WMI) traffic from the RD Web Access server to the
RD Session Host server. Additionally, verify that the RD Web Access Web site is configured to use
Forms Authentication. To configure the RD Web Access Web site to use Windows Authentication
instead of Forms Authentication or to not use SSL, see Remote Desktop Web Access Security.
http://technet.microsoft.com/en-us/library/cc770330 Important The RD Web Access Web site is
automatically configured to use Secure Sockets Layer (SSL) with a selfsigned certificate. By default,
the self-signed certificate is not a trusted certificate, and selfsigned certificates are recommended
only for testing and evaluation purposes. For more information about configuring the RD Web
Access Web site to use a trusted certificate, such as a certificate issued by a trusted public
certification authority (CA), see Remote Desktop Web Access Security.
http://technet.microsoft.com/en-us/library/cc730739.aspx