This documentation is for HAProxy ALOHA 12.0, if you are looking for the latest version see here.
Searching ALOHA 12.0
Configuring Remote Desktop Gateway
You can use HAProxy to load-balance Remote Desktop Gateway. It is an HTTPs based service which you can load-balance in two ways:
SSL bridging mode
SSL pass-through
To install Remote Desktop Gateway on your platform, follow the instructions from Microsoft Technet:
Using SSL bridging mode
In this mode, HAProxy deciphers the traffic in the front end and ciphers it on the server connection:
frontend fe_rdp_tsc
bind 192.168.13.128:443 name rdp_web ssl crt 2013.haproxylab.net
mode http
capture request header Host len 32
log global
option httplog
timeout client 300s
maxconn 1000
acl path_rdweb path_beg -i /RDWeb/
http-request redirect location /RDWeb/ if { path -i / /RDWeb }
http-request deny unless path_rdweb
default_backend be_rdp_tsc
backend be_rdp_tsc
balance leastconn
mode http
log global
option httplog
timeout connect 4s
timeout server 300s
option httpchk GET /RDWeb
cookie RDPWEB insert nocache
default-server inter 3s rise 2 fall 3
server srv01 192.168.13.11:443 maxconn 1000 weight 10 ssl check cookie srv01
server srv02 192.168.13.12:443 maxconn 1000 weight 10 ssl check cookie srv02
Note
In this mode, it is also possible to set up a configuration to protect against brute force.
Using SSL pass-through
In this mode, HAProxy establishes a TCP connection between the client and the server and lets them communicate together:
frontend fe_rdp_tsc
bind 192.168.13.128:443 name rdp_web
mode tcp
log global
option tcplog
timeout client 300s
maxconn 1000
default_backend be_rdp_tsc
backend be_rdp_tsc
balance source
mode tcp
log global
option tcplog
timeout connect 4s
timeout server 300s
option httpchk GET /RDWeb
default-server inter 3s rise 2 fall 3
server srv01 192.168.13.11:443 maxconn 1000 weight 10 check check-ssl
server srv02 192.168.13.12:443 maxconn 1000 weight 10 check check-ssl