Rather than re-hash all the above content, I will point out a few areas in which you may experience problems configuring\u00a0 TS Gateway.<\/p>\n
- \n
- Configure a DNS record for your domain and point it at the office IP address, such as tsgateway.yourdomain.com<\/span> point to your office IP.\u00a0 If you don’t know your office IP, look at your firewall.\u00a0 You will need a static IP or the capability to use a Dynamic IP address tracking service. If you don’t know what I am talking about already, this is not for you- use GoToMyPC!<\/em><\/li>\n
- While setting up the server, just create a “self signed” SSL certificate, and make sure you use the domain name you configured above to generate the self signed SSL, such as tsgateway.yourdomain.com<\/span>\n
- \n
- You will need to install this self-signed SSL into BOTH the server and client<\/span>\u00a0Trusted Root Certification Authorities store (the above links detail this process).<\/li>\n<\/ul>\n<\/li>\n
- After the TS Gateway setup is complete, go check the IIS server BINDINGS for your default site and make sure the SSL certificate from above is properly installed onto your site.<\/li>\n
- These self-signed SSL certs expire after 6 months, so every 6 months you’ll need to generate a new one using the TS Gateway manager, or you can obtain a low cost SSL from GoDaddy or somewhere else that you can use as well.\u00a0My advice is to just use the free self-signed ones.\u00a0 If you are using self-signed ones just setup an Outlook recurring calendar event to remind you a week before each 6 month period.<\/li>\n
- Firewall configuration.\u00a0 This is the most important part of the whole setup.\u00a0 If the traffic can’t even get into your network, none of the above will work.\n
- \n
- In general this is a two part process.\n
- \n
- First, configure your NAT mappings, to map inbound port 443 TCP\u00a0to your internal server IP address.<\/li>\n
- Second, add a rule to permit HTTPS traffic from anywhere to your internal server IP and HTTPS port 443<\/li>\n<\/ul>\n<\/li>\n
- If you have properly configured your firewall, and imported in both the client and server SSL cert, go to an outside connection with your laptop (like a coffee shop) and go to https:\/\/tsgateway.yourdomain.com<\/a> and see if you get the IIS 7.0 server multi-language single page splash screen.\u00a0 If yes, then your TS Gateway setup is one step closer to working.<\/li>\n<\/ul>\n<\/li>\n
- Enable all logging via the AUDITING tab.\u00a0 These events will log to the Event Viewer in the area below.\u00a0 This is extemely handy for troubleshooting things.\n
- While setting up the server, just create a “self signed” SSL certificate, and make sure you use the domain name you configured above to generate the self signed SSL, such as tsgateway.yourdomain.com<\/span>\n
![\"\"](\"http:\/\/www.amixa.com\/blog\/wp-content\/uploads\/2010\/06\/6-27-2010-11-40-05-AM.png\" "\\"TS")
<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n