Windows Remote Desktop (RDP) with RDS Gateway

Using Remote Desktop (RDP) to access your on-campus device with policy-based networking requires additional steps to authenticate through the RDS Gateway.

How to remotely access (RDP) Windows computers on the policy driven network

Using Remote Desktop (RDP) to access your on-campus computer with policy-based networking requires additional steps to authenticate through the RDS Gateway. 

Please be aware: 

  • Sessions idle for greater than 15 minutes will be disconnected.
  • These instructions/this service cannot be used to connect to devices running a Windows Server Operating System.  

Prerequisites

  1. You should know the hostname of the computer you want to connect to. On devices set up by EIT, there will be a White Label with the hostname near the DNCA tag or Service Tag.  
  2. The device you are connecting to must be enrolled in Intune. 
  3. The device you are connecting to must be using Policy-Based Networking (EIT-supported departments will begin to see this change in 2026) 
  4. Either your user account, or your research group, must be added to the "Remote Desktop Users" on your device. Join us for a remote support session to complete this step if you have not previously connected to the device remotely. 
  5. The device you are connecting to must be powered on, connected to the internet, and no other users are currently signed in
  6. You must be running the GlobalProtect VPN


Connecting from a Windows Device

  1. Connect to the GlobalProtect VPN
  2. Open the Remote Desktop Connection app. You can use the Windows Search in your taskbar if it is not a shortcut or pinned app (Tip: Right click & use "pin to taskbar" to make it easier in the future!)
    Remote Desktop Connection shortcut  
  3. In Remote Desktop Connection, type the name of the computer you want to connect to and select "Show Options" 
    Remote Desktop Connection app, with red rectangles indicating where to input your hostname and select "show options"  
  4. You can enter your UMD email for the "User name". Then, switch to the "Advanced" tab.
    Remote desktop connection app showing the advanced tab. A placeholder computer name and email address are entered as examples.
  5. From the "Advanced" tab;
    1. Select "Settings...". This should open the "RD Gateway Server Settings" pop-up.
       RD Gateway Server Settings, with boxes surrounding all the settings that will need to be adjusted in the next four steps
      1. Select "Use these RD Gateway server settings:" and enter the server name "rdsgateway.umd.edu".
      2. Use the drop-down menu to change the "Logon method:" to "Ask for password". 
      3. Uncheck "Bypass RD Gateway server for local addresses"
      4. ***NOTE: If you are attempting to connect to a device that is "Entra Only" (not currently applicable to any EIT managed devices) , then you must uncheck the "Use my RD Gateway credentials for the remote computer
      5. Click "OK" to return to the "Advanced" tab. 
    2. ***NOTE: If you are attempting to connect to a device that is "Entra Only" (not currently applicable to any EIT managed devices), then you must check the box for "Use a web account to sign in to the remote computer" under "User authentication". 
      Remote desktop connection advanced tab, with a red box indicating where to enable the web account for entra only devices 
    3. You can now return to the "General" tab. 
  6. ***NOTE: If you would like your remote device to utilize any of your local computer's resources (such as your printer, camera, or folders), you can enable these features in the "Local Resources" tab before you connect.
    Remote desktop connection local resources tab   
  7. You can "Save" or "Save As..." to create a shortcut for this configuration in the future. 
  8. Click "Connect
  9. Enter your UMD email and password to connect to the RD Gateway. If you are shown a "Remote Desktop Security" warning, you can check off the "Do not ask me again" and continue with "Connect". 
    Windows login prompt for RD Gateway
    1. If you are using a web account, you will be prompted to sign into your Microsoft account. Enter your DirectoryID@umd.edu, passphrase, and authenticate with DUO as appropriate. 
  10. If you previously unchecked the "Use my RD Gateway credentials for the remote computer" setting, you will be prompted to enter your credentials again, specifically for authenticating into the device.
  11. You should now be remotely connected to the computer. Please contact eit-help@umd.edu if you were unsuccessful. 

Connecting from a macOS Device 

  1. Connect to the GlobalProtect VPN
  2. Search and open the Windows App. (You can install Windows App from IT Self-Support application if your computer is managed by Jamf)

    ""

  3. On Windows App, click the + sign on the upper right corner and then click Add PC.

    ""

  4. Enter the following information
    • PC Name: Enter your target computer name. 
    • Credentials: Click on the Ask when required pull down, and choose Add credentials. Enter your username in the formation DirectoryID@umd.edu then click the Add button.
    • Gateway: Click on the Gateway pulldown and choose Add gateway. Enter rdsgateway.umd.edu.
    • Click Add Credentials and enter DirectoryID@umd.edu. Then click the Add button.
    • Uncheck the Bypass for local addresses.

      ""

  5. If your computer has multiple monitors and you would like to utilize all of them, click on the "Display" tab and check the "Use all monitors" box
  6. Click Add.
  7. From the Windows App main page, double click the device you added, and login using your UMD credentials as DirectoryID@umd.edu.  
  8. You should now be connected to the computer. Please contact eit-help@umd.edu if you were unsuccessful. 

 


Keywords:
pbn policy network remote rdp connect access vpn 
Doc ID:
157831
Owned by:
Christian F. in Engineering IT
Created:
2026-01-09
Updated:
2026-01-09
Sites:
University of Maryland Engineering IT