Remote Desktop Services can be a touchy subject for some, but I find the solution to work well.  When the need to provide external access arises I will typically use HAProxy to, you never would have guessed it, proxy the traffic to the appropriate places.  It has proven to be rock solid in its performance, and offers decent logging when issues arise.  Please note that there should be additional security measures taken to secure this, so don’t just drop it in and think you’re done.

A lot of the configuration options are simply taken from the HAProxy documentation.  I do suggest taking some time and reading through a lot of the common options to help fine tune your config.  Before I drop the my “template” config, let’s do a quick overview of what it contains (though I will have comments in the config).  First things first, I set up the built in stats page.  This is very useful and I don’t see much reason not to set it up.  I then redirect port 80 traffic (http) to port 443 (https/SSL).  Next up is to proxy any https/SSL traffic in to the RDS server.  Finally, we proxy the RDP traffic through and we’re good to go!