RD Web Access using HAProxy

I setup an AIO RDS Windows Server 2012 R2 server farm, added a CA Certificate and everything runs fine including Web Access and RemoteApp. I decided to add an reverse proxy (HAProxy) as I want users to have access to a web application from home. HAProxy
has the same CA certificate which I had to convert to pem from the pfx as the server is Ubuntu Server 14.4
Now HAProxy is working correctly for the most part, I can actually reach the root folder of the default web site. BUT I can not access the subfolder "RDWeb" on that default web site.
Works:  https://remote.myserver.com/
Fails: https://remote.myserver.com/RDWeb/Pages/en-US/default.aspx
I get the following error:
Server Error in '/' Application.
The resource cannot be found.
Description: HTTP 404. The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable.  Please review the following URL and make sure
that it is spelled correctly. 
Requested URL: /RDWeb/Pages/en-US/default.aspx
I did check authentication (link), but I am not sure as the problem seems to permissions/security. THe SSL certificate works and if I access the RDS Server directly bypassing the HAProxy
server everything works.
What is blocking access to that RDWeb webpage?
-- Frank

Thank you for posting in Windows Server Forum.
From the error it seems that there is some permission issue or might blocking the RD Web access. You can check the firewall setting whether it is blocked by firewall end during proxy selection. Please check defined rules and setting related to firewall. 
Apart from that, by default when we install RD Web Access, the RD Web Access Web site installs to the Default Web Site in IIS (to the /TS virtual path). However, if you specify a different Web site to install RD Web Access, you need to configure a different
target Web site in the registry. You must do this before you install the RD Web Access role service. 
To change the location of the TS Web Access Web site
Hope it helps!
Dharmesh Solanki

Similar Messages

  • Remote Web Access using "UPN" or Email address

    Hi there, 
    I noticed this thread talks about the thing I would love to have. 
    I understand the SBS is designed for smaller, non-it specific, however most of the places that you do install are also limited so telling the when you use the RWA you use the "username" but when you log into Office365, you use your email address,
    it would be nice to have them all the same. 
    I see that from here you are able to modify the RDWeb. 
    But I understand that the Essentials is an out of the box solution, so maybe nobody has wanted to try or to fix. 
    The first post mentions about a "Error" with RWA in 2011 and they still haven't found something for this?  As they did mention about looking into it, however, no solution, so I can't be the only person asking for this feature of consistency,
    as I know there are other out there. 
    Does anyone have any suggestion on how to enable this?   I swear that my Server Essentials 2012 this worked, as I tested it, so not sure what happen in R2.

    Hi Susan, 
    Thanks for the post.   
    Maybe I am the only person out there... I have a few of these in the field, and I hate telling people that you user your "Username" for RWA, but you use your Email address for Office365... 
    Not exactly what I was hoping for, as I'm sure that server 2012 allowed this functionality.  Because it was one of the first things I tested when
    I installed Server 2012-E, mainly because it's
    broke in SBS 2011.   I just wish it was more consistent that's all, especially when you are using Office365. 

  • Limiting web access using an RV110W

    Is it possible to set up an RV110W to limit access to only specified websites according to a schedule?
    I can block access to specific sites using the Internet Access Policy settings under Firewall, but I can't figure out a successful way to block access to all sites except those specified.  I also tried establishing access rules but that did not work either.

    The Internet Access Policy
    worked mediocre for me, It opnly work if I specify the optional client MAC address or IP
    BUT it only bliock http pages (port 80), if the client access the blocked site in https (port 443) it allow him to do it.
    so I was not able to block Facebook access using the Internet Access Policy
    I need to it in the Access Rules, and by this I had to type all the IP address that Facebook use (I just hope they don't add new IP soon)

  • Web access using Macbook and cellphone (Telus)

    I have a web-enable cell phone that I would like to have my Macbook use to access the internet using Bluetooth to communicate with the phone. I'm running Mac OS X (10.5.3), the phone is an LG Chocolate and my cell carrier is Telus (Canada).
    Has anyone had any luck with this?

    It sounds to me like your ISP only allows one PC per internet connection. This can easily be solved by spoofing the MAC address of your Windows XP on your router. So to the ISP your router looks like a PC, and the only PC on the network. I can't be certain that this is your issue as your across the pond.
    You should contact the place you purcahsed your MacBook, or call Apple - I am sure they would be more than happy to send you a Hardware Test CD.
    Good Luck!

  • Can I limit application web access using time capsule firewall?

    Wondered if tc firewall can be used like Zonealarms or similar pc apps

    I am assuming that u r doing this on a mac., then, your best bet might be to use parental controls option.  so you'd have one admin acct (pw protected, ofc) which would control the other, limited account.   then you have lots of options, including: white & black url lists, app control, timed access control, mail and ichat limits.  ya could go nuts with all of he options

  • Won't validate my password to outlook web access, but it work using a browser

    I changed my office network password and my blackberry won't validate my new password a few days ago.
    But I can go to my company outlook web access using a browser and the new password work.
    It means a problem with a connector on my blackberry.

    If you migrated your MobileMe account to iCloud before September last year then your @me.com address should still be functioning. If you sign into http://icloud.com can you see your mail there?
    If you did migrate, and can get into Mail on the website, then you can set up Mail on Snow Leopard to access it. However when you try to set it up, the Mail 'Wizard' will attempt to force you to te MobileMe settings, because it's never heard of iCloud. To get round this you will need to follow the procedure outlined here:
    Entering iCloud email settings manually in Snow Leopard or Leopard
    If you did not migrate your account then you don't have an iCloud account and your @me.com address will no longer function.

  • Remote Desktop 2012 R2 - Can't get RD Gateway with RD Web Access working through just 443

    I have one server (2012 r2 fully updated) running all remote desktop roles (RD Web Access, RD Gateway, RD Licensing, RD Connection Broker, RD Session Host) and a separate domain controller.
    I have RD Web Access published to cloud.mydomain.co.uk and accessing cloud.mydomain.co.uk/RDWeb works fine.
    I want to setup the environment so only port 443 is open from the outside (thus the RD Gateway is installed) and the user can login through RDWeb and click on an app to launch it.
    If I leave port 3389 open along with 443 and log on to RDWeb and click the remote app, this works fine.
    If I close 3389 on the external firewall and only leave open 443, I can connect AND login to RDWeb but I cannot open the connection
    This is expected:
    Digging in the event viewer yielded: http://i.imgur.com/M9uHm0o.png
    Which led me to test change the following setting in the resource access policy, as a test:
    This still didn't work but yielded a different error in event viewer:
    Now I suspect I have misconfigured something somewhere in terms of the last event where it suggests it can't connect to resource "cloud.mydomain.co.uk" I would have expected this to be the internal FQDN of my session host. Or, I am hitting some sort
    of odd problem because I have all the roles on the same box.
    Any assistance greatly appreciated. I'm keen to find the root cause behind this as I need to document this solution so don't want to invalidate by messing around too much with settings.

    Hi Gavin,
    If you use RD Gateway then you only need to open TCP port 443 and UDP port 3391 and forward them to your RD Gateway server.  You may have RD Web Access (uses TCP port 443) and RDG running on the same server.
    When an external client launches a RemoteApp they will connect to your RD Gateway via TCP port 443 and UDP port 3391, then the RDG will connect to your internal RDSH servers using TCP port 3389 and UDP port 3389 on behalf of the external client.  In
    this way the RDG will act as a middleman between your external users and your internal RDSH servers.
    In Server Manager - Remote Desktop Services - Overview - Tasks - Deployment Properties you need to specify the external FQDN of your RD Gateway server.  If you have RDWeb and RDG on the same server this would be the same FQDN that your users will use
    for RDWeb.  For example, if your users use https://rds1.yourdomain.com/rdweb to connect to your RD Web Access site, then you would enter rds1.yourdomain.com for the RD Gateway name in deployment properties.
    (Above one Quoted from this thread answered by TP).
    In addition please see that you have properly configured RD Rap & RD Rap policy under RD Gateway manager and also properly configured certificates to match server name.
    Hope it helps!
    Dharmesh Solanki
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

  • Can I install WSUS alongside Windows Essentials Experience Role without killing IIS & Remote web access?

    Can I install WSUS alongside Windows Essentials Experience Role without killing IIS & Remote web access?
    I have recently installed Windows Server 2012 Essentials R2, but I want to use WSUS on the same server.  Is this possible, if so how?  Last time I tried this I lost my Remote Web Access.
    I did post this in the Windows server 2012 essentials thread but didn't get any replies so thought I'd try posting it here to see if I got any hits here?
    Is there a way to get WSUS to install to different web ports i.e. 880 & 8443?  Or can I get it to install in a new site in IIS?  Its just I know that the Essentials Experience role sets up RWA in IIS and installing the WSUS on top just overwrites
    the RWA site & settings?  I assume this is also why Remote Desktop Services does the same?
    JK MCP

    Can I install WSUS alongside Windows Essentials Experience Role without killing IIS & Remote web access?
    Last time I tried this I lost my Remote Web Access.
    Remote Web Access uses the Default Web Site. If you install WSUS to the Default Web Site, it will break things. Install WSUS to the alternate "WSUS Administration" site on port 8530.
    Is there a way to get WSUS to install to different web ports i.e. 880 & 8443?
    Or can I get it to install in a new site in IIS?
    Just select the option during the installer to do that.
    Lawrence Garvin, M.S., MCSA, MCITP:EA, MCDBA
    SolarWinds Head Geek
    Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2014)
    My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence%20R%20Garvin-32101
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

  • Sorry, we couldn't open your file using this feature. Visio Web Access is not available on this site.

    Recently installed Service Pack 1 in SharePoint Server 2013 Farm, post upgrade we are experiencing issue when opening visio documents:
    I am trying to open .vsdx (visio 2013) file but encounter following issue:
    Sorry, we couldn't open your file using this feature. Visio Web Access is not available on this site.
    Under Document library-->Library settings-->Advanced Settings
    Still I cant open file in browser as we always used to. Unfortunately we don't have Visio services in Farm.
    can you share your experiences regarding this issue post Sp1 SharePoint Server 2013.
    Thank You

    Hi Octopus,
    Based on the error message, it seems that the Visio Graphics Service is not started or the Enterprise feature is not enabled.
    I recommend to check the things below:
    Go to Central Administration > System Settings > Manage service on server > check if the Visio Graphics Service is started > then click Application Management > Manage service applications > check if the Visio Graphics Service application
    is created.
    Go to the root site settings page of the site where you got this error, click Site collection features to check if the SharePoint Server Enterprise Site Collection Features is enabled.
    Go to the site settings page of the site where you got this error, click Manage site feature to check if the SharePoint Server Enterprise Site Features is enabled.
    More information about the Visio Graphics Service:
    Best regards.
    Victoria Xia
    TechNet Community Support

  • WRT54G2 and WRT54G locks-up (freezes) when blocking web sites using Access Restrictions

    I am convinced that a few Linksys routers such as WRT54G2 and WRT54G have a major issue when blocking web sites using Access Restrictions (Internet Access Policy). After a few hours of internet access by 15 wired users the Linksys locks-up and blocks all internet web access. The only solution is to restart the power on the router.
    We are currently using a Linksys WRT54G2 v1 (firmware 1.0.04). We upgraded the WRT54G2 v1 firmware to the latest 1.0.04 version which did not resolve the issue.  NOTE: We were previosuly using a a Linksys WRT54G v1.1 (firmware 4.21.1) until the power supply blew a week after we started blocking web sites using Access Restrictions (Internet Access Policy).  
    Basically, we have a T1 internet connection and a hub connected to the Linksys router. We are trying to block several web sites such as facebook, myspace, etc. for 15 wired users. We do not use wireless connections.
    This is the 2nd time it happened with 2 different models.
    Please help ASAP.
    Thank you,
    (Mod note: Edited post. Some parts off topic.. Thanks!)

    Also,  you have already upgrade/re-flash the firmware of your Linksys Router you need to reset and reconfigure your router from scratch. Press and hold the reset button for 30 seconds...Release the reset button...Unplug the power cable from your router, wait for 30 seconds and re-connect the power cable...Now re-configure your router...

  • Need help to access a web page using midlet to retrieve some informations

    Hi everyone i'm trying to access a web page using midlet to retrieve some informations in text format, the web page is [http://daviddurand.info/D228/?villes|http://daviddurand.info/D228/?villes] for my project.
    the problem is that i always get error 10049 in socket::open meaning no adresse could be found i tried IP adresse and still the same.
    i managed to recreate the same web page to test it on local and the surprise that it works fine but when accessing it online i have this error.
    i tried also to get the page i created on a webserver i own to try it saying that there might be security issues but the same error appears again. so help plz
    here is my code :
    package mobileapplication5;
    import java.io.*;
    import javax.microedition.io.*;
    import javax.microedition.lcdui.*;
    import javax.microedition.midlet.*;
    public class GetMidlet extends MIDlet {
    private Display display;
    String url = "http://dayaati.com/villes/index.php?villes";
    public GetMidlet() {
    display = Display.getDisplay(this);
    public void startApp() {
    try {
    } catch (IOException e) {
    System.out.println("IOException " + e);
    public void pauseApp() {   }
    public void destroyApp(boolean unconditional) {  }
    public void getBirthdayFromNameUsingGet(String url) throws IOException {
              HttpConnection httpConn = null;
              InputStream is = null;
              OutputStream os = null;
              try {
    httpConn = (HttpConnection)Connector.open(url);
    httpConn.setRequestProperty("User-Agent", "Profile/MIDP-2.1 Configuration/CLDC-1.1");
    httpConn.setRequestProperty("Content-Language", "en-US" );
    httpConn.setRequestProperty("Content-Type", "text/html; charset=iso-8859-1");
    httpConn.setRequestProperty( "Connection", "keep-alive" );
              int respCode = httpConn.getResponseCode();
              if (respCode == httpConn.HTTP_OK) {
                   StringBuffer sb = new StringBuffer();
                   os = httpConn.openOutputStream();
                   is = httpConn.openDataInputStream();
                   int chr;
                   while ((chr = is.read()) != -1)
                   sb.append((char) chr);
                   // Web Server just returns the birthday in mm/dd/yy format.
              else {
                   System.out.println("Error in opening HTTP Connection. Error#" + respCode);
              } finally {
                   if(is!= null)
                   if(os != null)
              if(httpConn != null)
    void getConnectionInformation(HttpConnection hc) {
    System.out.println("Request Method for this connection is " + hc.getRequestMethod());
    System.out.println("URL in this connection is " + hc.getURL());
    System.out.println("Protocol for this connection is " + hc.getProtocol());
    System.out.println("This object is connected to " + hc.getHost() + " host");
    System.out.println("HTTP Port in use is " + hc.getPort());
    System.out.println("Query parameter in this request are " + hc.getQuery());
    **Heeeeeeelp Please**

    SIGSEGV (0xb)Most common cause of that is JNI code used directly or indirectly through a 3rd party library.
    64-Bit Server VM (11.2-b01 mixed mode linux-amd64)Conversely that VM gets less traffic than others so you might have hit a bug in it.

  • Using remote desktop web access (RDWEB) with remoteapps and a traditional remote desktop

    I configured windows 2012 r2 remote desktop services and remote desktop web access (rdweb) and was able to click the icon on the rdweb page to log on to a remote desktop session. When I published a remoteapp program, the remote desktop icon went away. How
    do I get it back? Do I need to publish remote desktop as a remoteapp so users can both use remote apps and log on to a traditional remote desktop session?
    thanks in advance for the help

    You can just publish RDC as RemoteApp and then can connect to the desired remote desktop connection. You can check the below snap.
    Hope it helps!
    Dharmesh Solanki
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

  • Is it possible to flag e-mails and/or right click an e-mail to mark as read/unread, etc. when using Microsoft Outlook Web Access in Firefox on a Mac?

    Is it possible to flag e-mails and/or right click an e-mail to mark as read/unread, etc. when using Microsoft Outlook Web Access in Firefox on a Mac?
    == This happened ==
    Every time Firefox opened
    == I've never been able to figure out how to do those things in Firefox.

    When you use OWA in something other than IE, you're using OWA lite and no--it is not possible to do either in OWA lite (well, new Exchange stuff makes my answer a little less emphatic but still: pretty much no). Thanks Microsoft. But this guy made it possible to mark unread/read and select all/none:

  • Open VDW files stored on file share using Visio Web Access

    Is it possiblwe to view VDW files that are stored in a file share using Visio Web Access in SharePoint?
    If so, how?
    Opening up a Visio Web Drawing stored in a SharePoint document library is straight forwards however I want to view a visio web drawing stored in a file system using the web access service.
    Hope I'm made myself clear.

    Hi Jens,
    I will suggest you to call the support center, cause there are some bugs related to the issue you are having.

  • Accessing client using Windows 2008 Terminal Service - Web Access?

    Dear experts,
    We are developing a network infrastructure solution for our new customer's B1 8.8 implementation.
    Our customer would like to utilize Windows Server 2008 Terminal Service to connect B1 client in remote branch with server in head office area. And they want to use Terminal Service - WEB ACCESS. Base on our experience, we successfully implement B1 using Remote Desktop Connection or Citrix to support B1 client in the remote area.
    My question is, Has SAP already support to utilize windows "Terminal Service - Web Access" to access B1 client?
    If Yes then what are possible issues and solutions?

    when we said to customer that it is better to use citrix, they will see some concerns as follows:
    1. Investment to buy citrix server
    2. License of citrix
    3. installation time for ICA client
    4. maintenance cost for citrix and its server
    The benefits are as follows:
    1. Reduce cost to purchase B1 license. Remote and LAN users can access B1 through citrix
    2. The connection speed. Citrix is more faster than RDC or terminal services either web access or not
    3. The security reason. Check this link:
    In the support platform, there is no windows terminal services web access info. You may check it here:
    The supported hosted environments are using citrix or windows terminal service. For remote users, the citrix is used for web access and windows terminal services are using IP and the connection is using internet (do not use VPN).
    The citrix is not very expensive. We must make them realize the benefit.
    Kita harus pastikan citrix itu bagus dan tidak mahal2 amat kok. Beli dari reseller citrix yang diauthorized  tetapi tidak big company agar tidak mahal sekali. SAP AG menyarankan menggunakan citrix karena memang sangat bagus.
    (in english : we must convince the customer about the citrixs benefit. it is not too expensive. The citrix could be buy from small reseller company so that its price is acceptable. SAP AG suggested to use citrix because it is very best web access).
    I know bhs because I am from Indonesia hehehe....

Maybe you are looking for