Configuring a Windows 2012 Server Remote Desktop Gateway NLB cluster

This article demonstrates how to configure two or more RDG nodes using IPv6 in an NLB cluster on Windows Server 2012.

In this example, each node will have two NICs, one for management and the other for the NLB. You will need to reserve a total of 3 IPv4 and 3 IPv6 addresses for this configuration.

  • Install the RDG feature. This can be done from a single node; just add the second server via "Add Servers" inside Server Manager

  • Under "Server Roles" select "Remote Desktop Services"

  •  Select "Remote Desktop Gateway" which will also add the Roles and Features below

  • Select defaults for remainder of setup
  • Configure RAP and CAP on each host. This can be scripted from PowerShell

The script below will configure:

  • TS_CAP_01 with local administrators group and domain users for Africa, SouthAmerica and NorthAmerica using “authMethod 3” (password and Smart Card)
  • TS_RAP_01 with local administrators group and domain users for Africa, SouthAmerica and NorthAmerica using “ComputerGroupType 2” (Allow all users to connect to any network resource)

-----------------------------------------------------------------------------------------------------------------------------------

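# Install the RD Gateway role service with all sub-features
Import-Module ServerManager
Add-WindowsFeature -Name RDS-Gateway -IncludeAllSubFeature

# Load the RDS: provider drive used to manage gateway policies
Import-Module RemoteDesktopServices

# Connection authorization policy (CAP): who may connect, and how they authenticate
Set-Location RDS:\GatewayServer\CAP
New-Item -Name TS_CAP_01 -UserGroups 'administrators@BUILTIN', 'domain users@africa', 'domain users@southamerica', 'domain users@northamerica' -AuthMethod 3

# Move up to RDS:\GatewayServer, then into the RAP container
cd..
Set-Location RAP

# Resource authorization policy (RAP): which network resources those users may reach
New-Item -Name TS_RAP_01 -UserGroups 'administrators@BUILTIN', 'domain users@africa', 'domain users@southamerica', 'domain users@northamerica' -ComputerGroupType 2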

-----------------------------------------------------------------------------------------------------------------------------------

  •  Output from PowerShell script

  •  Install the NLB feature on each node (Sample PowerShell NLB install script below):

dism /online /enable-feature /featurename:NetworkLoadBalancingFullServer

dism /online /enable-feature /featurename:NetworkLoadBalancingManagementClient

  • Give each NIC a friendly name, e.g. MGMT and NLB
  • Configure the static IPv4 and IPv6 address on the NLB interface 

  • Open the NLB Manager snap-in and select "New Cluster"

  • Enter in the hostname of the first node in the cluster and select the NLB interface

  • Double check to make sure the correct IP addresses are being used for the NLB interface

  • Add the static IPv4 and IPv6 address you have reserved for your NLB cluster

  • Enter in the FQDN name of your NLB cluster

  • In this example we will use the default port rule; click "Finish"

  • Right click the newly created cluster name and choose "Add Host To Cluster"

  • Enter in the hostname of the second node in the cluster and select the NLB interface

  • In this example we will use the default port rule; click "Finish"

  • Once status of both nodes is "converged" the NLB configuration is complete
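
The NLB steps above can also be scripted with the NetworkLoadBalancingClusters module. This is an added example, not the original author's script; the host names, the original adapter name ('Ethernet 2'), the prefix lengths and all addresses (documentation ranges) are assumptions.

```powershell
# Added example: host names, adapter name and addresses are constructed placeholders.
Import-Module NetworkLoadBalancingClusters

$nodes = @(
    @{ Name = 'rdg-node1'; IPv4 = '192.0.2.11'; IPv6 = '2001:db8::11' },
    @{ Name = 'rdg-node2'; IPv4 = '192.0.2.12'; IPv6 = '2001:db8::12' }
)
$clusterName = 'rdg.example.test'   # FQDN of the NLB cluster
$clusterIPv4 = '192.0.2.10'         # reserved cluster addresses
$clusterIPv6 = '2001:db8::10'
$first       = $nodes[0].Name

# Friendly name and static IPv4/IPv6 addresses on the NLB NIC of each node.
foreach ($n in $nodes) {
    Invoke-Command -ComputerName $n.Name -ArgumentList $n.IPv4, $n.IPv6 -ScriptBlock {
        param($IPv4, $IPv6)
        Rename-NetAdapter -Name 'Ethernet 2' -NewName 'NLB'   # assumed original name
        New-NetIPAddress -InterfaceAlias 'NLB' -IPAddress $IPv4 -PrefixLength 24
        New-NetIPAddress -InterfaceAlias 'NLB' -IPAddress $IPv6 -PrefixLength 64
    }
}

# "New Cluster": first node, NLB interface, cluster IPv4 address and FQDN.
# New-NlbCluster also creates the default port rule.
New-NlbCluster -HostName $first -InterfaceName 'NLB' -ClusterName $clusterName `
    -ClusterPrimaryIP $clusterIPv4 -SubnetMask 255.255.255.0

# Add the reserved IPv6 address as an additional cluster IP.
Add-NlbClusterVip -HostName $first -InterfaceName 'NLB' -IP $clusterIPv6

# "Add Host To Cluster": second node, NLB interface.
Add-NlbClusterNode -HostName $first -InterfaceName 'NLB' `
    -NewNodeName $nodes[1].Name -NewNodeInterface 'NLB'

# Review the result: node state, cluster IPs, and the port rule in effect.
# The default rule load-balances every port (0-65535) for both TCP and UDP.
Get-NlbClusterNode     -HostName $first -InterfaceName 'NLB' | Format-Table Name, State, HostID
Get-NlbClusterVip      -HostName $first -InterfaceName 'NLB'
Get-NlbClusterPortRule -HostName $first -InterfaceName 'NLB'
```

Run it from a host that has the NLB management tools installed and can reach both nodes over their management interfaces.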

Open the RDG console on one of the nodes, open the properties of the RDG server, and add an SSL certificate, as this is a requirement for the RDG to work properly.

  • In this example we will use a self-signed certificate. This certificate will need to be installed on each RDG node

  • Add both servers under the "Server Farm" tab

This is a very basic setup using most of the default settings; there are many more configurable options within NLB/RDG. Please keep a look out for my future blogs that take a deeper dive into NLB/RDG using Windows Server 2012!

 

Please feel free to reply to this post or email me if you have any questions.

-marobbin

Comments

  • Anonymous
    May 22, 2014
    Nice article, but I believe the certificate name is wrong - it should be RDGDemo.northamerica,corp.Microsoft.com and not rdddemo01....
  • Anonymous
    June 09, 2014
    Can this be done on Windows Server 2012 R2 CORE using only PowerShell?
  • Anonymous
    December 02, 2014
    For 2012 R2 Core - you will perform the initial server setup through PowerShell. Once the server is on your domain, you can manage it remotely from any 2012 R2 GUI server on your domain. But yes, you can perform all of this via PowerShell commands.
  • Anonymous
    July 15, 2015
    Hi, I need some help regarding NLB configuration. Actually, we configured the SharePoint farm and it is live, so can you please tell me if it is possible to configure the NLB configuration now?