Previous page

Next page

Locate page in Contents

RAS Secure Client Gateway Overview

By default, a RAS Secure Client Gateway is installed on the same server where Parallels Remote Application Server is installed. You can add additional RAS Secure Client Gateways to a site to support more users, load balance connections, and provide redundancy.

To manage RAS Secure Client Gateways, in the RAS Console, navigate to Farm / Site / Gateways . Use the tab pages in the left pane to manage Gateways and Tunneling Policies .

How a RAS Secure Client Gateway Works

The following describes how a RAS Secure Client Gateway handles user connection requests:

  1. A RAS Secure Client Gateway receives a user connection request.
  2. It then forwards the request to all of the available RAS Publishing Agents in the farm.
  3. A RAS Publishing Agent performs Load Balancing checks and an Active Directory security lookup to obtain security permissions.
  4. If the user requesting a published resource has sufficient rights, the RAS Publishing Agent sends a response to the gateway which includes details about the RD Session Host the user can connect to.
  5. Depending on the connection mode, the client either connects through the gateway or disconnects from it and then connects directly to the RDS server.

RAS Secure Client Gateway Operation Modes

RAS Secure Client Gateway can operate in one of the following modes:

  • Normal Mode. A RAS Secure Client Gateway in normal mode receives user connection requests and checks with the RAS Publishing Agent if the user making the request is allowed access. Gateways operating in this mode can support a larger number of requests and can be used to improve redundancy.
  • Forwarding Mode . A RAS Secure Client Gateway in forwarding mode forwards user connection requests to a preconfigured gateway. Gateways in forwarding mode are useful if cascading firewalls are in use, to separate WAN connections from LAN connections and make it possible to disconnect WAN segments in the event of issues without disrupting the LAN.

Note: To configure the forwarding mode, a Parallels RAS farm must have more than one RAS Secure Client Gateway.

Top of page Feedback