This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 86%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMP%3C/text%3E%3C/svg%3E)
Hello,
I'm a little confused and don't understand why I'm getting an access denied error.
If I enable the "Bypass RD Gateway server for local addresses" option, in this case everything is fine and GW passes the connection to the target server.
However, I need dual authentication, this is the purpose of using the Gateway role.
I tried:
change NPS logging settings."If logging fails, discard connection request"
Added the target server to "RAS and IAS Services".
Verified that the user has group membership in "Domain Admin" and "Domain Users".
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hello,
It's important to verify your Gateway authentication method. If your event log indicates you are using NTLM with HTTP, but the Gateway requires Certificate authentication (which should utilize HTTPS), then you need to examine whether any Group Policy or other settings are restricting your authentication to HTTP.
If the Answer is helpful, please click "Accept Answer" and upvote it.
