I have installed TGW on Windows 2008 R2, and only have access via RDP. The previous install worked fine on a different win 2008 R2, and could access the gui using the /admin option in RDP.
With the recent install I cannot access the gui at all. The only difference is the account used, previously I had the administrator account, now I am using my AD account with is part of the administrator group.
Can anyone suggest a fix or a solution?
Solved! Go to Solution.
There are too many possibilities. Is the computer logged into the domain so that domain users can log in? If yes, then is the policy set up correctly? See
Essentially, the TGW computer needs to talk to the domain server and the person being authenticated needs to belong to a group which is in the local Remote Desktop Users group on the TGW computer.
Its not a matter of logging into the server, I can log in fine. The issue is running the TGW software via RDP. I have installed the app, but when clicking on it to launch it does nothing.
If the TGW works locally on the computer, then it should work remotely with RDP. It sounds like it does not work locally.
Please try to reinstall the transport gateway and then start it and check the logs if no error message is displayed.
Logs are under
C:\Program Files\Cisco Systems\Cisco Transport Gateway\Transport Gateway\logs
The next step is to debug this locally by hooking up a keyboard, mouse, and display.
Thanks for the response, that has fixed it now. I have done some further testing with Win 2003 and 2008, looks like I was using 2003 previously as this works fine on the console.
So in summary
2003 - works fine on console and via the /admin option in rdp.
2008 - will only work if the "Interactive Services Detection" is running, you can then access the gui from the console or any rdp session without the need for /admin.
Ideally this is not a "nice" way of accessing the gui. Are there any plans to correct this?
In the current transport gateway, the service and the configuration GUI run in the same JVM and therefore, in the same session. Server 2008 implemented "Session 0 Isolation" as a security measure, which prevents a service and application from running in the same session. The Interactive Services Detection service was implemented to maintain compatability while developers update their code. See this article for more info:
We've communicated the issue to engineering and they are working on a longer term fix. Stay tuned.
For those implementing transport gateway in 2008 and have hit this issue. Once you exit from the session 0, you cannot access the gui by running the application if its already running. Usethe following to access session 0 again.
In the Firedaemon blog that Wayne refers to there are 2 rundll32 commands.
They do no work in my copy of Windows 7 Enterprise. Actually its a bit of a side issue, because I still can't get the TG to run.
Thanks for the docs. Could do with some install guides and the old deployment guide is outdated with this new release.
Managed to install the TG but no idea how to configure or get gui up.
DO NOT INSTALL THE WINDOWS VERSION of TG v3.5!
I have been working with TAC and have had install failures for both Windows versions. It fails so bad that it has been sent back to the developers to fix it. It should not have been released yet.
Chapter 4 of the User Guide is updated with information for the new release of the Transport Gateway: