If you can’t RDP to your TMG server, it’s probably because you haven’t enabled it. Enabling RDP on TMG is done in the same way that it was back in the days of Microsoft ISA server.
To enable RDP on TMG:
- Enable RDP on the server in the normal way – Right click on My Computer -> Properties -> Remote Settings -> Enable RDP
- Then make sure your are in the Remote Desktop Users group
- Now that RDP is enabled on the TMG server, you need to make a rule to allow it. Create a new access rule in the firewall policy to allow RDP to the local host from the internal network (or whereever you want to RDP from).
- Now you need to allow RDP in the system policy. Notice that if you click on Firewall Policy, then edit the System Policy in the action pane (right hand side pane), then scroll down to Remote Management -> Terminal Server, it’s enabled but only accepting connections from (From tab) certain groups. Those groups are by default Enterprise Remote Management Computers and Remote Management Computers. You need to edit one of these groups to add the computers or IP address ranges that you want to RDP to TMG from (Select group, click Edit).