Hello,
I already set up HAProxy as a reverse proxy on port 443 with ACME for some web servers, Exchange, ....
Right now I am struggeling with adding our remote desktop gateway server.
https://www.haproxy.com/documentation/haproxy/deployment-guides/remote-desktop/rdp-gateway/
I want to use the "SSL bridging mode" in order to get rid off the certificate errrors.
If I understand everything there correctly I will need a seperate frontend for the RDP gateway because of some special settings and of course on another port than 443. Sadly I failed with just copying the given config as I didn't figure out where to set all the options.
Is there someone who has already set up haproxy with a remote desktop gateway server and would be so kind to share his config?
(Sorry for double posting this here and in the "Web Proxy Filtering and Caching" sub forum. But I thought more people would read it here.)
Best regards
browne
Did you search the forums? I already posted the answer some time ago, it needs an ACL to deny a specific URI to work. Just search the forums :)
Thank you very much!
I already saw your post in that other thread (https://forum.opnsense.org/index.php?topic=18429.msg83772#msg83772), but couldn't believe it had to do with my problem.
Could you please explain to me: Why do I have to use this rule and what exactly it does?
browne
I have no idea, but I guess when this URI is accessible it tries something which is not supported and with this the connection might be "downgraded" or similar.
We tracked it down to some NTLM issues on the RDP Gateway...
https://support.microsoft.com/en-us/help/2903333/terminal-services-client-connection-error-0xc000035b-when-you-use-lmco
Anyway it is working perfectly fine now!