Connecting to a Windows Server 2012 desktop gateway from Linux

FreeRDP Logo

Linux is a great desktop operating system if you're used to it but sometimes you need to connect to corporate servers. This is straightforward with things like Remmina and FreeRDP except when you connect through a Remote Desktop Gateway.

Remote Desktop Gateway is a protocol developed by Microsoft to tunnel multiple RDP connections through a gateway server. It is nice to use when you have multiple RDP servers behind a NATting firewall, that is if you're connecting from a Windows machine.

There are several free RDP implementations for Linux, the one I'm using for this is FreeRDP since it is (at the moment) the only one that can connect to a Windows Server 2012 machine through a Remote Desktop Gateway. The problem is that's not as easy as just loading your .rdp file yet.

Compiling FreeRDP

The first thing you need to do is compile a newer version of FreeRDP. The distribution version is way too old to connect to a RDG server. For debian based distro's you need to run:

$ sudo apt-get install build-essential git-core cmake libssl-dev libx11-dev libxext-dev libxinerama-dev libxcursor-dev libxdamage-dev libxv-dev libxkbfile-dev libasound2-dev libcups2-dev libxml2 libxml2-dev libxrandr-dev libgstreamer0.10-dev libgstreamer-plugins-base0.10-dev libxi-dev libgstreamer-plugins-base1.0-dev libavutil-dev libavcodec-dev libjpeg-dev

Then make a git clone from the master branch of FreeRDP. The specific commit I used is 43a5680b03b241fa4581e3c7357a01f5bc2d64d2.

$ git clone
# If you want to use the same commit I used:
$ cd FreeRDP
$ git checkout 43a5680b03b241fa4581e3c7357a01f5bc2d64d2

Now you need t compile FreeRDP. These are the options I used: 

# In the FreeRDP directory
$ make
$ make install

Connecting to the server

To connect to a server you need the .rdp file for your connection so you have the basic connection information. Open your .rdp file and search for a line that starts with gatewayhostname:s: and note the value behind it, this is the hostname of the gateway server you need to connect to, for example:

You also need to look for the full address:s: line. The name behind that is the hostname for the internal server.

Now to connect to your server you need to run the following command:

$ xfreerdp /cert-ignore /v:$INTERNAL /u:"$USERNAME" /p:"$PASSWORD" /g:$GATEWAY /gd:$DOMAIN /gu:"$USERNAME" /gp:"$PASSWORD" /d:$DOMAIN /v:$INTERNAL /gt:rpc /sec:rdp

 You need to replace a few things in this command:

  • $INTERNAL: The hostname for the internal server.
  • $GATEWAY: The hostname for the gateway server.
  • $USERNAME: The username for the domain account on the server.
  • $PASSWORD: The password for your windows account
  • $DOMAIN: The active directory domain you want to log in to.

The /cert-ignore switch is only needed if you use a self-signed certificate on your server (most likely on a Windows Small Business Server)