Linux – Can’t connect to an external RDS TSG server from home


We have a company RDS (Remote Desktop Server) TSG (Terminal Services Gateway) server, which allows employees to connect to an RDS session from home, so they can see a work RDS desktop from home.

This works fine on their home computers using Windows 7 with the following settings:

[Screenshot: General Settings]

[Screenshot: Connection Settings]

However, some users have Linux at home and are trying to use freerdp 1.2.0.

I've tested this on a laptop connected to the internal company LAN using the following command and it works fine:

$ xfreerdp /f /rfx /cert-ignore /v:farm.company.com /d:company.com /u:administrator /p:

However, if I try to use that command on a laptop, which is not using the company LAN connection, i.e. a home connection, I get this:

freerdp_set_last_error 0x2000C
Error: protocol security negotiation or connection failure

So I'm now trying to use some of the new TSG commands in freerdp 1.2.0 as follows, but that also doesn't work.

I can only see 4 TSG related commands:

/g:<gateway>[:port] Gateway Hostname
/gu:[<domain>\]<user> or <user>[@<domain>] Gateway username
/gp:<password> Gateway password
/gd:<domain> Gateway domain

I read somewhere that I only really need to use /g in my particular scenario; I may have read that incorrectly.

So when I try:

$ xfreerdp /f /rfx /cert-ignore /v:farm.company.com /d:company.com /g:rds.company.com /u:administrator /p:

That will give me:

Could not open SAM file!
Could not open SAM file!
Could not open SAM file!
Could not open SAM file!
rts_connect: error! Status Code: 401
HTTP/1.1 401 Unauthorized
Content-Type: text/plain
Server: Microsoft-IIS/7.5
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
WWW-Authenticate: Basic realm="rds.company"
X-Powered-By: ASP.NET
Date: Wed, 02 Jul 2014 12:36:41 GMT
Content-Length: 13

Considering the original command:

$ xfreerdp /f /rfx /cert-ignore /v:farm.company.com /d:company.com /u:administrator /p:

This works on a Linux laptop, which is connected to the network within the company LAN.

Why can't I use a similar command (with the extra TSG parameters) on the same Linux laptop, which is connected to the internet at home?

Am I not using the new TSG switches correctly?

Best Answer

You need to make sure that the layout of the command you are typing is correct. If you have one thing messed up or in the wrong location then you will have an error no matter what you try.

The command you tried to run: $ xfreerdp /f /rfx /cert-ignore /v:farm.company.com /d:company.com /g:rds.company.com /u:administrator /p:

You need to type the command like this: xfreerdp /cert-ignore /v:WORKSTATION /d:DOMAIN /u:USERNAME /p:PASSWORD /g:GATEWAY

Now, if you are not using the same account for the terminal server and for the RD gateway, then you will have to run this: xfreerdp /v:WORKSTATION /d:DOMAIN /u:USERNAME /p:PASSWORD /g:GATEWAY /gd:GATEWAYDOMAIN /gu:GATEWAYUSERNAME /gp:GATEWAYPASSWORD. The reason this is needed is that if the user that is connecting is not already saved in the RD gateway as an authorized account, it will refuse to connect that user. So the main user for the gateway that has all the rights to access the connection will be able to force connect them through, and it should make the full connection. This allows for a sort of force connection.

Also make sure that the router you are using at the company is configured to allow remote connections from outside the office. This will also cause connection failures if it was never set up or was configured incorrectly.
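The two command layouts from the answer above (one account for both the session host and the gateway, or a separate gateway account passed with /gd, /gu and /gp), as an added shell example that is not part of the original answer. The environment variable names are hypothetical and the sample values are constructed; the function only prints the argument list, keeps /cert-ignore off unless explicitly requested, and rejects a half-filled gateway account.

```shell
# Added example, not from the original post. Environment variable names are
# hypothetical; only xfreerdp switches quoted on this page are emitted.
# Prints one argument per line and executes nothing.
build_xfreerdp_args() {
    # Required: target host and account, plus the gateway host.
    for name in RDP_HOST RDP_DOMAIN RDP_USER RDP_PASS GW_HOST; do
        eval "value=\${$name:-}"
        [ -n "$value" ] || { echo "error: $name is not set" >&2; return 2; }
    done

    # Accept only hostname[:port] characters in the two host values.
    for host in "$RDP_HOST" "$GW_HOST"; do
        case $host in
            *[!A-Za-z0-9.:-]*) echo "error: bad host '$host'" >&2; return 2 ;;
        esac
    done

    # A separate gateway account is all-or-nothing; a partial set is a typo.
    set_count=0
    for value in "${GW_DOMAIN:-}" "${GW_USER:-}" "${GW_PASS:-}"; do
        if [ -n "$value" ]; then set_count=$((set_count + 1)); fi
    done
    if [ "$set_count" -ne 0 ] && [ "$set_count" -ne 3 ]; then
        echo "error: set GW_DOMAIN, GW_USER and GW_PASS together" >&2
        return 2
    fi

    # /cert-ignore turns off certificate checking, so it is opt-in here.
    if [ "${ALLOW_CERT_IGNORE:-0}" = 1 ]; then printf '%s\n' /cert-ignore; fi

    printf '%s\n' "/v:$RDP_HOST" "/d:$RDP_DOMAIN" "/u:$RDP_USER" \
        "/p:$RDP_PASS" "/g:$GW_HOST"
    if [ "$set_count" -eq 3 ]; then
        printf '%s\n' "/gd:$GW_DOMAIN" "/gu:$GW_USER" "/gp:$GW_PASS"
    fi
}

# Constructed sample values; host names are the placeholders from the question.
(
    RDP_HOST=farm.company.com RDP_DOMAIN=company.com
    RDP_USER=alice RDP_PASS=example-pass
    GW_HOST=rds.company.com GW_DOMAIN=company.com
    GW_USER=gwuser GW_PASS=example-gw-pass
    build_xfreerdp_args
)
```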
