InfotechGuyz.com Blog

How to Remote Desktop to an internal server securely over the internet
> How to implement Terminal Services Gateway on Server 2008.

This goal can be achieved by implementing Terminal Services Gateway. Our main concern here is security. The traditional method of allowing remote desktop is to open port 3389 on the firewall, which is a huge security risk. Terminal Services Gateway instead tunnels RDP traffic over HTTPS (very similar to RPC over HTTPS in Exchange 2003 and Outlook Anywhere in Exchange 2007), which allows remote desktop access to your internal servers without using a VPN.

Prerequisites:
Windows Server 2008
IIS 7
Network Policy Server
SSL Certificate
RPC over HTTP Proxy service

Install Terminal Services Gateway:
1. Click "Add Roles" in Server Manager.
2. On the Select Server Roles screen, choose "Terminal Services" and click Next.
3. On the Select Role Services screen, select TS Gateway.
4. Choose to select the certificate for SSL encryption later.
5. On the Create Authorization Policies for TS Gateway screen, choose Later and click Next.
6. Confirm that Network Policy Server is selected.
7. Continue to click Next, then choose Install.
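
Once the gateway is published, the goal stated in the introduction can be checked from a machine outside the network: port 3389 should no longer answer, while 443 should answer with a certificate that validates for the gateway's public name. The script below is an added example, not part of the original post; the host name `gateway.example.com` is a placeholder and the function names are illustrative.

```python
import socket
import ssl
import sys

RDP_PORT, HTTPS_PORT = 3389, 443


def tcp_open(host, port, timeout=3.0):
    """True if a TCP connection to host:port succeeds within the timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def tls_problem(host, timeout=5.0):
    """None if the certificate on 443 validates for host, else the error text."""
    ctx = ssl.create_default_context()  # checks trust chain and host name
    try:
        with socket.create_connection((host, HTTPS_PORT), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host):
                return None
    except OSError as exc:  # ssl.SSLError is a subclass of OSError
        return str(exc) or type(exc).__name__


def assess(rdp_open, https_open, tls_error):
    """Turn the probe results into a list of OK/FAIL findings."""
    findings = []
    if rdp_open:
        findings.append("FAIL: 3389 is reachable from outside; close it on the firewall")
    else:
        findings.append("OK: 3389 is not reachable from outside")
    if not https_open:
        findings.append("FAIL: 443 is not reachable; clients cannot reach the gateway")
    elif tls_error:
        findings.append("FAIL: 443 is open but TLS validation failed: " + tls_error)
    else:
        findings.append("OK: 443 is reachable and the certificate validates")
    return findings


def check(host):
    https_open = tcp_open(host, HTTPS_PORT)
    tls_error = tls_problem(host) if https_open else None
    return assess(tcp_open(host, RDP_PORT), https_open, tls_error)


if __name__ == "__main__":
    # gateway.example.com is a placeholder; pass your gateway's public name
    findings = check(sys.argv[1] if len(sys.argv) > 1 else "gateway.example.com")
    print("\n".join(findings))
    sys.exit(1 if any(f.startswith("FAIL") for f in findings) else 0)
```

Run it from outside the firewall; a result from inside the LAN says nothing about what the internet can reach.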