WAF - Allow Remote Desktop Gateway protocol Windows Server 2016
Upgraded our RDP Gateway server to Windows 2016, and connection through the WAF is now failing. Answer from support:
"I have reviewed the case and have researched this issue for you. For the RDP Gateway 2012R2, RD Gateway used to use RPC (remote procedure call) in order to transport the remote desktop session over HTTP, that was & still is supported by WAF on the UTM.
For the Windows 2016 RDP Gateway however, Microsoft decided to change the protocol they use so that instead of using RPC, they now use one called RDG. RDG is not supported by WAF on the UTM.
Unfortunately the only workaround for this is to simply use a DNAT rule instead of WAF for the 2016 server."
Please add support for Windows 2016 RDP Gateway to work through the WAF.
Please note, this is not just specific to Server 2016, the change to the way RDG is implemented occurred in Server 2012 R2! This is a long-standing issue with multiple FRs for both XG and UTM device users. Please Sophos, can you fix this already?!
Jonathan Axsom commented
Sophos, can you please combine the numerous requests for proper RDG support into one? That way you can see the hundreds of votes for this.
We shouldn't even have to ask for this, especially from a security company.