[SOLVED] HAProxy + Remote Desktop Gateway

[browne]

Hello,

I already set up HAProxy as a reverse proxy on port 443 with ACME for some web servers, Exchange, ....

Right now I am struggeling with adding our remote desktop gateway server.
https://www.haproxy.com/documentation/haproxy/deployment-guides/remote-desktop/rdp-gateway/
I want to use the "SSL bridging mode" in order to get rid off the certificate errrors.

If I understand everything there correctly I will need a seperate frontend for the RDP gateway because of some special settings and of course on another port than 443. Sadly I failed with just copying the given config as I didn't figure out where to set all the options.

Is there someone who has already set up haproxy with a remote desktop gateway server and would be so kind to share his config?

(Sorry for double posting this here and in the "Web Proxy Filtering and Caching" sub forum. But I thought more people would read it here.)

Best regards
browne

[mimugmail]

Did you search the forums? I already posted the answer some time ago, it needs an ACL to deny a specific URI to work. Just search the forums

[browne]

Thank you very much!
I already saw your post in that other thread, but couldn't believe it had to do with my problem.

Could you please explain to me: Why do I have to use this rule and what exactly it does?

browne

[mimugmail]

I have no idea, but I guess when this URI is accessible it tries something which is not supported and with this the connection might be "downgraded" or similar.

[browne]

We tracked it down to some NTLM issues on the RDP Gateway...
https://support.microsoft.com/en-us/help/2903333/terminal-services-client-connection-error-0xc000035b-when-you-use-lmco

Anyway it is working perfectly fine now!