I’ve been trying to get RDS Gateway to work behind my WAP proxy server which is included in Windows Server 2012 R2 and v.Next version. While it is possible to implement ADFS based authentication based on the URL: http://technet.microsoft.com/en-us/library/dn765486.aspx
But what if we wanted to publish the simple RDS Gateway on our backend server for direct RDP access.. ?
The easiest way to publish any HTTPS based service behind WAP is by using the pass-through mode. This allows WAP to just pick-up the request and forward it internally.
Next, we need to specify the external URL and internal URL’s. WAP would be capable of redirecting the connection based on a different name. In my case however we have the same name internally as externally. So in order to start, we need to ensure that the WAP server knows our backend URL and the internal IP address. Usually the hosts file will suffice to get this working. Or if you have an internal DNS server, you can add it to that one too. Just make sure that when you ping the RDP.MYDOMAIN.COM you actually receive the RDS GW server address back.
Finally we need to do one more thing.. as the RDS GW traffic is being inspected by the WAP server (the SSL is broken in the WAP server and rebuilt to connect to the backend RDS GW), we need to tell the RDS GW server that our SSL might be offloaded. By opening the properties of the RDS GW server, you can select the SSL Bridging tab. Enable the option and select USE SSL BRIDGING – HTTPS-HTTPS
And it should work now..