Hi,
I'm looking at the best way to do this.
**On Prem Solution**
We have multiple customers who connect to our single domain environment. Each customer has an RDS Server (VM) set up which holds the Broker, Session Host and Web Access roles. We have a license server and gateway which are shared across all servers.
At the moment we control who can connect to each server by security groups and logon rights.
Access into the system is done in 3 ways:
- Site to Site VPN - this terminates at the IP of the VM for the company; they can only connect to the Session Host on that IP (I appreciate that once on, other servers could be accessed if not secured).
- VPN Client - dials the VPN and, using an RDP file, connects to the Session Host
- Firewall NAT, which is secured down to the source IP
What I want to do is introduce the Web Access role (RDWeb) to the customers; here I can publish apps and also the RDP file. Is it possible that we can point all the customer VMs at a single server running the Web Access role, and this is allowed in on 443 for each business?
So, Server1 > Web Access is WEB1 and Server2 > WEB1.
I have tested this and it seemed to work on the first, but when I added the 2nd it just showed the remote apps of the 2nd server.
Or, in a multi-tenant environment, would I need to allow in a connection per server business to the Web Access role installed on the Session Host?