Q: How does the Bypass RD Gateway server for local addresses know if a destination for RDP is local or not?

How RD Gateway in Windows Server 2008 R2 works.

John Savill

December 31, 2011

1 Min Read
ITPro Today logo

A: Windows Server 2008 introduced Terminal Services Gateway (TS Gateway), which was renamed to Remote Desktop Gateway (RD Gateway) in Windows Server 2008 R2. It enables RDP traffic to be encapsulated in HTTPS, which enables RDP to travel through many firewalls and also ensures encryption of the traffic.

When a gateway is used, instead of the client talking directly to the RDP target, it instead communicates via the RD Gateway. To use a gateway, the options are specified under the Advanced tab of the Remote Desktop Connection client by using the Settings button in the Connect from anywhere section. Where the RD Gateway is specified, the option to Bypass RD Gateway server for local addresses is available (see screen shot below).

RD Gateway

The question is often asked of how "local address" is determined--is it based on IP subnet, is it based on DNS domain name?

No, it's far less sophisticated. Basically, when the bypass option is enabled when the connection is initiated the RDC first tries to communicate directly to the target and if it can't, it will then use the RD Gateway specified.

About the Author(s)

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like