Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.

Article Number: 000121360

Configuring Remote Desktop Gateway (RD Gateway) in Windows Server 2012 R2

Summary: This is a guide to configuring Remote Desktop Gateway in a single server RDS Deployment in Windows Server 2012 R2.

Article Content


RD Gateway

Remote Desktop Gateway is used to allow secure connections using HTTPS from computers outside the corporate network.  The configuration has been simplified in Windows Server 2012 and 2012 R2. 

It offers the following benefits.

  • Secure connections via HTTPS (Port 443 Default) without the use of a VPN
  • Enables connections through firewalls without opening additional ports IE:3389

It is recommended to always use certificates from a public Certificate Authority or an internal Certificate Authority.

Self-signed certificates will show as untrusted as you will see in the example below.  In the real world you would deploy using certificates from a CA your client trusts.


To start deployment of the RD Gateway, it is required you already have an RDS Deployment.


Select RD Gateway



Select the server name below and click the arrow to add it to the right hand column.


Type the external FQDN or URL that users will be typing in their web browser to reach the RD environment.


In the below example the external clients would type to reach the RD Gateway.  For an encrypted

connection to be successful the certificate name must match the FQDN.


Click Next.

The information at the bottom lets us know the deployment was successful however a certificate needs to be configured.

If you click "Configure certificate" you will be able to configure each roles needed certificate, however for informational

purposes we will navigate to those settings an alternate way to show you how to get it to it in the future should you ever need

to change certificates.


Click Close.


Next click on Tasks and click Edit Deployment Properties.



From here we can edit many of the deployment settings.  Our concern now is specifying a certificate.



Since  all roles are installed on a single server in this deployment, we need to be sure to use the same certificate

for Web Access and Gateway.  Here it is possible to run in to some issues if using self-signed certificates

which we will discuss later.


Since we do not have a purchased certificate or a CA of our own, we will click Create new certificate


Pick the certificate name, which needs to match the external FQDN of the server.  We have the option to store it

on the hard drive where we can import it to other machines.  Not necessary here but a good idea if you back up

your certificates separately.

You must allow the certificate to be added to the destination clients Trusted stores.


Click OK.



Click Apply.


As you can see I have applied the cert to both Roles here and it is Untrusted.   This once again is because it is

a self-signed certificate and should not be used in production.


Click OK when finished.


Had a certificate from a Public CA or my own CA been issued and used.  It would look more like what you see here.

This is what you want for any real-world setup.



You have now successfully configured the RD Gateway.   Further configuration and authorization policies can be done from Administrative Tools > Remote Desktop Services > Remote Desktop Gateway Manager.


Article Properties

Affected Product

Microsoft Windows 2012 Server, Microsoft Windows 2012 Server R2

Last Published Date

12 Mar 2021



Article Type

How To