If you want to restrict access to your Remote Access Gateway and add pre-authentication for remote access, you can roll it out through Web Application Proxy. This is a really good way to make sure you have rich pre-authentication for RDG including MFA. Publishing without pre-authentication is also an option and provides a single point of entry into your systems.
How to publish an application in RDG using Web Application Proxy pass-through authentication
Installation will be different depending on whether your RD Web Access (/rdweb) and RD Gateway (rpc) roles are on the same server or on different servers.
If the RD Web Access and RD Gateway roles are hosted on the same RDG server, you can simply publish the root FQDN in Web Application Proxy such as, https://connect.abc.com/.
You can also publish the two virtual directories individually e.g. https://connect.abc.com/rdweb/ and https://connect.abc.com/rpc/.
If the RD Web Access and the…
View original post 137 more words