Problem with RDP app for Android/Mac

0

Hello,

we have sucessfully published Remotedesktop Gateway according to the following manual:

https://support.kemptechnologies.com/hc/en-us/articles/115003434043-Enable-the-Edge-Security-Pack-ESP-with-Remote-Desktop-RD-Gateway

Everything works fine with a Windows client. When we use an Andorid or Mac client we get the error message 0x3000008. In the ESP log we see the line

Nov 18 09:53:03 SERVERNAME l7log: Blocked access to invalid directory 'https://host.domain.tld/rpc/rpcproxy.dll' from 1.1.1.1:36105 to 2.2.2.2:443

According to the Technet forums this is becaue the rdp client app uses an absolut URI in the Header (https://social.technet.microsoft.com/Forums/en-US/c24a615a-a388-44d3-aa99-b940eedb12d8/rdp-on-androidios-issues-error-0x3000008-we-couldnt-connect-to-the-gateway-because-of-an-error?forum=winRDc)

I figured out that when we remove the http selection rules everything works fine. But this we can't do.

Is there a way to handle this?

Greetings

Christian

2 comments

Avatar
0
Darren Morrissey

 Hello you can try and add "*.*" into the allowed virtual directory under your ESP settings.   so you will have "/*" "*.*"  no quotes. This might help. If not please explain what HTTP selection rules you have. Thank you

Avatar
0
Administrator

Hi,

thanks for your answer. I've tried to create a new service on a different IP and created the rule for publishing RDG. The settings are like this:

HTTP selection rules
Host /^host\.domain\.tld$/ -> set flag 2, ignore case
/^\/rpc.*/ -> only on 2, ignore case

Enable ESP
Authentication delegate to server
domain: host.domain.tld
path: /rpc/* *.*

I now can connect with Android and pc so everything is working. Thanks for the hint with *.* for the path.

When I now create this rule as a subvs in the right service it is not working anymore. Although the settings are the same. So I've disabled all the other subvs to check if they disturb each other. Still the same. So what is the difference with a subvs?

Thanks

Christian