RemoteApp with web access (RDWEB) does not work from outside

Context

In an RDS environment made up of several hosts, a broker service and an RDS gateway, RDP connections through the RDS gateway do not work.

The RDS Gateway policy is configured with the host servers as shown in the following capture.

[Screenshot: gateway policy]

Connections to RemoteApp applications work fine from inside the company, but not from outside.

Cause

The IIS configuration of the RDWEB portal presents the broker server as an entry point, but it is not authorized in your resource access policy.

Solutions

The first idea that comes to mind is to modify the IIS configuration, but that does not solve the problem.

Solution 1: Add the broker server to the resource access policy.

Add the broker server to the authorized servers in the access policy.

When you open a remote desktop session or a RemoteApp using the RDP files generated on the web portal (RDWEB), the connection is first sent to the broker service, which then redirects it to a host in the collection.

Solution 2: allow all resources

Change your policy to allow connections to all resources on your network.

I do not recommend this solution, which opens all of your servers to the planet.
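
The following script is an added example, not part of the original article. Run on the RD Gateway server, it checks each resource access policy for the two situations described in Solution 1 and Solution 2. The broker FQDN is a placeholder, and the script assumes the RemoteDesktopServices module with its RDS: drive is available.

```powershell
# Added example: audit RD Gateway resource access policies (RAP).
# Run in an elevated session on the RD Gateway server.
Import-Module RemoteDesktopServices

$BrokerFqdn   = 'broker.example.internal'  # placeholder: FQDN of your broker server
$AddIfMissing = $false                     # set to $true to apply Solution 1
$RapRoot      = 'RDS:\GatewayServer\RAP'
$GroupRoot    = 'RDS:\GatewayServer\GatewayManagedComputerGroups'

foreach ($rap in Get-ChildItem -Path $RapRoot) {
    $rapPath   = "$RapRoot\$($rap.Name)"
    # ComputerGroupType: 0 = gateway-managed group, 1 = AD security group,
    # 2 = any network resource
    $groupType = (Get-Item -Path "$rapPath\ComputerGroupType").CurrentValue
    $groupName = (Get-Item -Path "$rapPath\ComputerGroup").CurrentValue

    switch ($groupType) {
        2 {
            # Solution 2 is in effect: every server is reachable through the gateway
            Write-Warning "RAP '$($rap.Name)' allows connections to any network resource."
        }
        1 {
            # Membership lives in Active Directory and has to be checked there
            Write-Output "RAP '$($rap.Name)' uses AD group '$groupName'; verify that $BrokerFqdn is a member."
        }
        0 {
            $computersPath = "$GroupRoot\$groupName\Computers"
            $members = @(Get-ChildItem -Path $computersPath | ForEach-Object { $_.Name })
            if ($members -contains $BrokerFqdn) {
                Write-Output "RAP '$($rap.Name)': group '$groupName' already lists $BrokerFqdn."
            }
            elseif ($AddIfMissing) {
                # Solution 1: authorize the broker in the managed computer group
                New-Item -Path $computersPath -Name $BrokerFqdn | Out-Null
                Write-Output "RAP '$($rap.Name)': added $BrokerFqdn to group '$groupName'."
            }
            else {
                Write-Warning "RAP '$($rap.Name)': group '$groupName' does not list $BrokerFqdn."
            }
        }
    }
}
```

With `$AddIfMissing` left at `$false` the script only reports and changes nothing.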