Remote Desktop Gateway


What is a Remote Desktop Gateway?

An RD Gateway is a service that allows secure RDP access without using a VPN. In the case of CRI, it allows us to have two-factor authentication for all remote desktop connections to the systems in the Data Center as well as secure all remote desktop connections in an SSL tunnel.

Getting Started with the Remote Desktop Gateway

The first step in using the RD Gateway is to ensure that you have claimed your CNetID and registered with Duo.

Once you are registered, you can set up your RDP application to use the RD Gateway. There are many RDP applications that will work with the RD Gateway, but CRI will only provide support for the built-in Windows Application (Remote Desktop Connection - mstsc.exe), and Microsoft Remote Desktop client for Mac. Below are getting started guides.

Windows Client

Microsoft Remote Desktop Client (mstsc.exe) - Supported by CRI
Microsoft Remote Desktop (External Link) - No Support by CRI

Mac Client

Microsoft Remote Desktop Client for Mac - Supported by CRI

Getting Started Guides

Microsoft Remote Desktop Client (mstsc.exe)

  1. Open Remote Desktop Connection client software on the client.
  2. Select the Show Options drop-down menu
    Show Options
  3. Select the Advanced tab, then select Settingsā€¦ button.
    Settings button
  4. On the new window, select Use these RD Gateway server settings, then enter [cri-rds-gateway.cri.uchicago.edu] into the Server name field. Once that is finished, select OK.
    Enter Gateway Server address
  5. Set the rest of the settings you need to connect to the remote system and click "Connect"
  6. You will get two password prompts.  The first on is for the RD Gateway and you need to prefix your CNetID username with "adlocal\".  The second prompt is for the credentials you will use to access the system you are connecting to.  These two usernames and passwords will be different depending on the system you are connecting to.  

 

Microsoft Remote Desktop Client - Mac

  1. Open Remote Desktop Connection client software on the client.
  2. Selecti Preferences, then select the Gateways tab.
    Preferences
  3. Select the plus sign (+).
  4. Enter the Gateway URL as such, cri-rds-gateway.cri.uchicago.edu.
  5. Select user account (this should be your regular user account and not your admin user account).
    Enter user account
  6. Select Add.
  7. From the Connect drop-down menu, select Edit.
    Edit a connection
  8. Select gateway input in steps 4-7.
    Select gateway input
  9. Select Connect.