RD Web and RD Gateway through Ubuntu

So I finally got our RD Web and RD Gateway servers running at school, which is great as we can have remote desktop and remote application access back to the school network without the need to muck around configuring VPN tunnels for people. The RD Gateway neatly bundles all the RDP traffic up inside a HTTPS / SSL / TLS tunnel for us.

I am not going to go into the details of that install as there are plenty of good resources out there like https://hotstickybun.com/nordvpn-for-kodi for example; and it drove me round the bend a bit! Anyway, it all works now 😉

Accessing from home on my Windows 7 machine worked a treat, as did accessing them from my Android phone using the Microsoft RDP App. I haven’t tried OSX or iOS as I don’t have access to those devices; but I am sure that Microsoft’s RDP Client for OSX will deliver.

So then I tried to connect to the RD Session Host through my Ubuntu machine…

… and here is where the fun begins!

I have used Remmina for connecting Microsoft RDP sessions in the past with great success; however the version of Remmina installed on Ubuntu 14.10 (0.9.99.1) does not seem to have any support for RD Gateways. This is a problem!

So I began looking around and it seems like the latest version of FreeRDP does have support for connecting to RDP sessions over an RD Gateway; however I would have to wait until April to get that version in Ubuntu… I could really do with it before then!

This page on the FreeRDP Wiki indicates that have an official Ubuntu PPA where you can get yourself the latest stable version of Remmina and FreeRDP; so I am going to give it a go now on a brand new Ubuntu 14.10 VM. Here are the steps I took:

  1. Install Ubuntu 14.10 selecting to download updates and install third party software
  2. Accept all other sane default settings…
  3. Set up user name and password
  4. Go have a cup of tea whilst it installs!
  5. Restart when it completes the installation
  6. Log in and then install your Virtual machine guest additions
  7. Open a terminal and run:
    sudo apt-get update
    sudo apt-get dist-upgrade
  8. When the upgrades complete, reboot your Ubuntu VM again
  9. Log in again
  10. Now we are going to follow the steps to get the latest version of Remmina and FreeRDP installed through the PPA:
    1. Open a terminal and type these four lines:
      sudo apt-add-repository ppa:remmina-ppa-team/remmina-next
      sudo apt-get update
      sudo apt-get install remmina freerdp-x11 remmina-plugin-rdp
      sudo apt-get upgrade
  11. Now run the following in your terminal:
    xfreerdp --version

    and you should see the following:

    This is FreeRDP version 1.2.0-dev (git n/a)
  12. Run Remmina again and check the version number, and you should now see it listed as “1.2.0-rcgit.1”

This should allow us to use the new FreeRDP options to connect to a RD Gateway server for our RD Session…

  1. Visit your RD Web Gateway and login
  2. Load one of your published Apps or Desktop sessions and when prompted save the rdp file
  3. Now back in your terminal we are going to launch the rdp file we just downloaded using FreeRDP:
    1. Move to the place you saved your rdp file too:
      cd ~/Downloads
    2. Run the following command:
      xfreerdp <your downloaded rdp file> /u:<Windows Username> /d:<Windows Domain> /p:<Windows Password>
  4. If you have any special characters in your password you may need to escape them with a back-slash
  5. I was prompted to accept the certificate and then my remote app launched. As you can see – Microsoft Word 2010 running on Ubuntu 14.10 over a RD Web Gateway!
    MS Word on Ubuntu

It is a slight pain that I cannot seem to get the rdp files loading through Remmina; but nothing that a set of bash scripts to load the rdp files through FreeRDP will not solve!

36 thoughts on “RD Web and RD Gateway through Ubuntu

  1. Having played around with this a little more; it seems that as I write it is still really bleeding-edge stuff and quite honestly not stable enough yet for production use.

    This is a real shame as an Open Source Linux RDP Client that supports the TS Gateway protocols would be a great addition to the Linux software suite.

    I think that it does bear wondering whether Microsoft themselves will release a Linux version of their RDP client; as they released one for every other OS now!

    I will keep checking back on the progress of FreeRDP; but for now I guess I am stuck with either booting up my Windows 7 VM to RDP into the network; or continue to establish a VPN connection between home and school before using RDP…

    1. Why not try Guacamole.. It’s a full HTML5 RDP Server and client setup.. I think it uses FreeRDP as part of it’s setup.

      Should allow you to use any, including Linux, HTML5 compatible web browser as a client.

      1. That certainly looks like an interesting project and I may well have a look at it. However I really needed something to connect back to my work Windows RDP set-up and run those (very few!) Windows only apps from home.

    2. Latest version of Ubuntu still packs an older version of xfreerdp. I’m not sure why TS Gateway support has been so slow in coming given how long TS Gateway has been around.

  2. I’m trying to connect through an RDP gateway that requires authorisation, do you know how to specify these credentials?

    1. I use xfreerdp in the terminal and pass the rdp file to it and then provide the username, domain and password for the gateway server.

      The help for xfreerdp gives these examples:

      xfreerdp connection.rdp /p:Pwd123! /f
          xfreerdp /u:CONTOSO\JohnDoe /p:Pwd123! /v:rdp.contoso.com
          xfreerdp /u:JohnDoe /p:Pwd123! /w:1366 /h:768 /v:192.168.1.100:4489
          xfreerdp /u:JohnDoe /p:Pwd123! /vmconnect:C824F53E-95D2-46C6-9A18-23A5BB403532 /v:192.168.1.100

      If your Gateway is set to require a different username and password to the server then you will probably need to pass these to the command:

      /g:[:port]  	Gateway Hostname
          /gu:[\] or [@]	Gateway username
          /gp:       	Gateway password
          /gd:         	Gateway domain
      

      Jon

  3. Thank you for this, it really helped me so much! If only all Ubuntu stuff was so plainly explained more people would be using the OS.

    If the release version Remmina 1.2 comes out does it get automatically updated when you are using the custom repository of Remmina-next?

    1. Hi Guy,

      You would need to remove the ppa repositories which you added and update your software again. It might even be worth removing remina and freerdp after doing this and then reinstalling them to get the standard packages…

      Jon

  4. Microsoft RDS Gateway does not support Linux OS’s, so saving an rdp file from your linux desktop is impossible. If you grabbed an rdp file from RDS gateway using a windows machine, you should probably mention that!

  5. Hi Jon Witts,

    The guide is perfect … but I have a system with Lucid (10.04.4 LTS – i386) and can not find a way to activate the RD Gateway.

    You know of any method without having to go through the 12.04 and 14.04 LTS?¿?

    Thank you

    *** My hardware resources do not allow it

    1. I am afraid that I don’t know how to do this with Lucid. As Lucid is so old and now unsupported, I doubt that there are many people still developing for it…

  6. Hello Jon Witts,

    thanks for your nice Explanations.

    I received the following error:

    “[11:55:06:614][2288:1763661568][INFO][com.freerdp.core.gateway.tsg] – TS Gateway Connection Success

    Segmentation fault (core dumped)”

    Can you help me?

  7. You no longer need to work with a separate rdp file: the standard remmina ui now shows additional fields for the tsg server name. It also shows a checkbox to disable certificate validation, so that it will work without adding your company cert to the certificate store (for testing purposes only ofcoz).

  8. I was spending ours with googling, trying different tools and configurations.
    Finally I’ve found your article.

    Thanks, you saved my day! 🙂

  9. Hi Jon,

    Thanks so much for this. Previously, remmina and vinagre didn’t work on my Ubuntu 14. 4 (nor on my upgraded 16.04) machines, and I was stuck with a virtual windows installation to get at my rdp gateway.

    This works really well now. Many thanks.

    I’m also in education, and access to SIMS was really helpful.

  10. Nice howto what i did is i created a .sh script and a desktop application script via xfreerdp works like a charm so now i just click on the program and it works

  11. It feels good on Ubuntu16.06 and FreeRDP version 2.0.0~dev (n/a) and Server 2008 R2. Previously on older versions of Ubuntu and FreeRDP version 1.2.0-dev (git n/a) and Server 2003 it was flaky. I noticed issues especially with copying and pasting from my desktop to the RDS session to server 2003 or 2008. Now I haven’t noticed anything weird yet. Thanks so much.

  12. Thank you for the guide. I can connect to my college apps but one thing when I start up say notepad++ or other apps and start typing it disappears and then I am informed that the connection was closed. Might you have any idea about this?

  13. I used your information to update Remmina to 1.2.0-rcgit.27 on Ubuntu 16.04.4. I added the RD Gateway settings under the advanced tab and it connected first time. It is one of the best RD clients I have used and it is working perfectly.
    Thank you.

  14. Hey, I think your blog might be having browser compatibility
    issues. When I look at your blog in Ie, it looks fine but when opening
    in Internet Explorer, it has some overlapping.

    I just wanted to give you a quick heads up!
    Other then that, wonderful blog!

    1. Thanks… To be honest I don’t have any access to IE to check. The theme is a stock WordPress theme so I would have thought that the developers at WP would be dealing with IE display issues…

  15. Thanks for the pointers! 🙂

    The package names seems to be changed. I got things working by installing freerdp2 instead:
    sudo apt install freerdp2-x11

    Once I got past that, I got an error message:
    rts_connect error!
    rpc_connect failed!
    Error: protocol security negotiation or connection failure

    This could be remedied with the /gu and /gd switches:
    xfreerdp file.rdp /u:user /d:domain /gu:user /gd:domain

    Personally, I try to avoid using passwords as command-line arguments, as it will be saved in history (or in a batch file) and read by others if something goes wrong, or if one screws the permissions up.

    By omitting the /p and /gp switches, I am prompted for the password when logging in instead. For single-user clients, and people with absolute confidence in their own user account’s security, it’s perfectly doable to add the password using the /p and /gp switches.

Leave a Reply

Your email address will not be published. Required fields are marked *