By using RemoteApp together with RD Gateway, you can enable users to connect from the Internet to individual programs on a Remote Desktop Session Host (RD Session Host) server without having to first establish a virtual private network (VPN) connection. Depending on the deployment method that you choose, remote users can connect to a program by opening an .rdp file, by clicking a shortcut to a Windows Installer package on their desktop or Start menu, or by accessing a RemoteApp program through RemoteApp and Desktop Connection by using RD Web Access.

This checklist shows the steps that are required to make RemoteApp programs available from the Internet through RD Gateway. Alternatively, if you do not want to deploy RD Gateway, you can make RemoteApp programs available through a VPN solution.


Before you complete this checklist, you must meet the following prerequisites:

Task Reference

Review information about RD Gateway.

For more information about RD Gateway, see the Remote Desktop Services page on the Windows Server 2008 R2 TechCenter (

Deploy and configure RD Gateway. When you configure RD Gateway, ensure that you do the following:

  • Create a Remote Desktop connection authorization policy (RD CAP) to define the list of user groups that can connect to the RD Session Host servers that host the RemoteApp programs.

  • Create a Remote Desktop resource authorization policy (RD RAP) that provides access to the RD Session Host servers that host the RemoteApp programs.

    When you create the RD RAP, add the user groups that you defined in the RD CAP. Also, create a new RD Gateway-managed computer group that contains both the NetBIOS names and the fully qualified domain names (FQDNs) of the RD Session Host servers or the RD Session Host server farm that hosts the RemoteApp programs.

For more information, see the Remote Desktop Gateway Manager Help in Windows Server 2008 R2.

Configure RD Gateway settings in RemoteApp Manager (either in the global deployment settings or when you create an .rdp file or Windows Installer package).

Configure Remote Desktop Gateway Settings

If you want to use existing .rdp files or Windows Installer packages to access RemoteApp programs over the Internet, ensure that the files were created with the correct RD Gateway settings. If they were not, you must create new files with the correct settings, and then distribute them to users.

If you want to allow Internet access to RemoteApp programs through RD Web Access, configure firewall and authentication settings.

Configure the Remote Desktop Web Access Server to Allow Access from the Internet

Additional references