What is a Terminal Services Gateway server?

A gateway is any computer that connects two networks that use different network protocols. A gateway reformats information from one network so that it is compatible with the other network.

A Terminal Services Gateway (TS Gateway) server is a type of gateway that enables authorized users to connect to remote computers on a corporate network from any computer with an Internet connection. TS Gateway uses the Remote Desktop Protocol (RDP) along with the HTTPS protocol to help create a more secure, encrypted connection.

In earlier versions of Remote Desktop Connection, people could not connect to remote computers across firewalls and network address translators because port 3389—the port used for Remote Desktop connections—is typically blocked to enhance network security. However, a TS Gateway server uses port 443, which transmits data through a Secure Sockets Layer (SSL) tunnel.

A TS Gateway server provides these benefits:

  • Enables Remote Desktop connections to a corporate network from the Internet without having to set up virtual private network (VPN) connections.

  • Enables connections to remote computers across firewalls.

  • Allows you to share a network connection with other programs running on your computer. This enables you to use your ISP connection instead of your corporate network to send and receive data over the remote connection.

How do I know if I need a TS Gateway server?

Ask your network administrator whether you need to specify a TS Gateway server.

To specify a TS Gateway server

  1. Open Remote Desktop Connection by clicking the Start button Picture of the Start button, clicking All Programs, clicking Accessories, and then clicking Remote Desktop Connection.

  2. Click Options, click the Advanced tab, and then, under Connect from anywhere, click Settings.

  3. Select Use these TS Gateway server settings, and then type the server name (ask your network administrator for this information).

  4. Select one of the three available logon methods:

    • Allow me to select later. This option lets you select a logon method when you connect.

    • Ask for password (NTLM). This option prompts you for a password when you connect.

    • Smart card. This option prompts you to insert a smart card when you connect.

  5. Select or clear the Bypass TS Gateway server for local addresses check box.

    Selecting this check box prevents traffic to and from local network addresses from being routed through the TS Gateway server, which can make your connection faster.

  6. If you have Windows Vista Service Pack 1 installed, and you want to use the same credentials for both the TS Gateway server and the remote computer, instead of asking for credentials twice, select the Use my TS Gateway credentials for the remote computer check box. For more information about installing Windows Vista Service Pack 1 (SP1), see Learn how to install Windows Vista Service Pack 1 (SP1).


  • Your network administrator might not allow changes to TS Gateway server settings.