FreeRDP – RD Gateway client for Linux

If you are Googling for software that allows you to use remote desktop from a Linux OS through a RD Gateway to another server – Stop! I spend hours doing the same with no luck. I tried out a bunch of tools with no luck either. Here is some of the tools I tried, which does NOT support this function:

I have previously used iTap Mobile to set up connections through a Remote Gateway (also known as RD Gateway or TS Gateway) from a Mac. I read this could also be used for Linux OS’s. But when I went to their site, it turns out that iTap mobile has been discontinued because Microsoft released a new Microsoft Remote Desktop app. This Desktop App works for Windows, Mac and Android, but Linux is not mentioned anywhere. So I wrote the iTap team asking them for advice:

Hi iTap team

I’m looking for software which can connect me through an RD Gateway
(or TS gateway) to a terminal server. I can see you are referring to the new “Microsoft Remote Desktop app”
for Macs and Android.

But what about Linux users like myself, is there an alternative to iTap now that you guys discontinued iTap?

This was their reply:


Thank you very much for your interest in iTap mobile RDP.
Unfortunately, not that I know of. As far as I know iTap mobile RDP was the only RDP client for Linux that offered RD Gateway support.

We are very sorry for the inconvenience.
Best regards,

So what did I do ? turned to the wonderful world of opensource software. FreeRDP is an awesome project started by Awake Coding aka Marc-André Moreau. It is still in development so bugs and missing documentation is to be expected. This tutorial will show you how to compile and use FreeRDP to connect to through a RD Gateway to a terminal server from Ubuntu 13.10 32 bit.

First thing is to install Git, if you already have this installed you can skip this step.

1. Open a terminal an type sudo apt-get install git

Ones we have Git installed, let?s get the source files from GitHub

2. Type git clone git://


3. Type cd FreeRDP

We also need a bunch of dependencies for compiling and running FreeRDP

4. Type the following and press Enter

sudo apt-get install build-essential git-core cmake libssl-dev libx11-dev libxext-dev libxinerama-dev \
libxcursor-dev libxdamage-dev libxv-dev libxkbfile-dev libasound2-dev libcups2-dev libxml2 libxml2-dev \
libxrandr-dev libgstreamer0.10-dev libgstreamer-plugins-base0.10-dev


Now that we have all we need, the makefile must be generated.

5. Type cmake -DCMAKE_BUILD_TYPE=Debug -DWITH_SSE2=ON .


Finally start the build

6. Type make


Ones the installer had been build we can start installing the software itself

7. Type sudo make install


It will take a while to install but hopefully will without any errors. Ones FreeRDP is installed, there is just a little tweaking needed. We need to create a config file for FreeRDP which tells it where the FreeRDP library is placed.

8. Type sudo nano /etc/

9. Inset the line /usr/local/lib/freerdp

10. Save and exit the file


We need to check that the line we inserted is read correctly by the system. For this we start the ldconfig function, and check the path with the which command.

11. Type sudo ldconfig

12. Type which xfreerdp


13. Start FreeRDP by typing xfreerdp

FreeRDP should now be installed correctly. If you have any problems doing this, please check the wiki a GitHub.

Let’s try using FreeRDP to connet to a terminal server though a RD Gateway server. The syntax is like this:


But since I?m using then same account to identify myself to the RD Gateway, and the terminal server I only need to give one username and password.


15. When asked if you trust the certificate press y


So I get error that the Gateway certificate has changed. Someone has suggested that it is a bug in FreeRDP, because it has to handle both the RD gateways certificate and the terminal servers certificate. Anyway it is an easy fix since we can just use the /cert-ignore option.

16. Type xfreerdp /cert-ignore /v:WORKSTATION /d:DOMAIN /u:USERNAME /p:PASSWORD /g:GATEWAY


Success ! we have connected though the RD gateway to a Terminal server in a protected environment. Remember though that FreeRDP is still in development, so it might be buggy. If anybody knows other software or an easier way to connect to a Terminal Server though an RD Gateway please let me know.

Share Button



Bookmark the permalink.

42 Responses to FreeRDP – RD Gateway client for Linux

  1. Javier says:

    Wow thank you very much this worked with Debian 7. At first it did not connect but it is working for now. I will continue to test it. This worked better than Remmina but it could be that Remmina uses an older version of freerdp.

  2. gord says:

    Ever so close. Connection has issues with accessing win2003 term. server through a win2008 domain server: RPC Fault PDU:
    status: RPC_S_INVALID_TAG (0x000006C5) Any thoughts?

  3. Kinit says:

    This worked for me and saved me so much time. Thank you.

  4. PipoKoeien says:

    This worked pretty well on Ubuntu 12.04; I only had to keep on working/ using my mouse otherwise the app frooze and I had to close terminal and reconnect.

    After a complete reinstall of Ubuntu I reinstalled same way, using same script, suddenly does not work anymore…! I get:
    transport_connect: getaddrinfo (Name or service not known)
    Error: protocol security negotiation failure

    Any ideas how to solve this?


  5. santhosh says:

    SSL_read: Failure in SSL library (protocol error?)
    SSL_read: Failure in SSL library (protocol error?)
    SSL_read: error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac
    rpc_client_frag_read: error reading fragment body
    Unexpected RPC PDU type: 0
    SSL_read: error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac
    rpc_client_frag_read: error reading header

    I am getting this error any idea?

  6. Alejo says:

    Well im getting protocol security negotiation failure, im conecting to server 2012r2 terminal services 🙁

  7. Mark says:

    I’m om Linux mint and I installed freerd-x11 with the synaptic package manager. Is this the same tool as described here and if yes why compile it from source?

    • Hegelund says:

      Hi Mark

      Couldn’t say, don’t have a mint box.
      But if it works for you – No why would you compile for source?

  8. Utopia says:

    I was getting “Error: protocol security negotiation or connection failure”.
    Adding “-nego” flag to the command solved the problem:


  9. Mikhail says:

    Awesome. This worked for me. Thank you.

    • Thomas says:

      Yikes, that laptop’s touchpad is annyoing. So my name is Thomas not ketThomas. Also that ! between the line “segmentation fault” and my final line doesn’t exist.

      • Hegelund says:

        Hi Thomas

        Are you using the same credentials to identify yourself to the gateway and the server itself? Maybe try out using the parematers /g:GATEWAY /gd:GATEWAYDOMAIN /gu:GATEWAYUSERNAME /gp:GATEWAYPASSWORD

        • Nick says:

          I have the same error. I put in the gd and gu parameters but it’s the same.

          It goes:

          unable to connect to [computername]:3389
          connected to [gateway]:443
          connected to [gateway]:443
          fatal_handler: signum=11
          Segmentation fault (core dumped)

        • Thomas says:

          mint@mint ~ $ xfreerdp /cert-ignore /v:workstation /g:gateway /gd:domain /gu:username /gp:password
          connected to gateway:443
          connected to gateway:443
          fatal_handler: signum=11
          Segmentation fault

          The username for the workstation and the gateway are the same.

          • Thomas says:

            I think freerdp has been updated. Now I’m getting something more than I was. I haven’t been able to duplicate the above error since reinstalling Mint 16 and xfreerdp. I’ve put it all in a script now called “filename.rdp” which just makes testing changes easier since you don’t have to type it all out every time. Inside the file is this information:


            When I run xfreerdp filename.rdp, it returns this:

            connected to gateway:443
            connected to gateway:443
            RPC Fault PDU:
            status: RPC_S_INVALID_TAG (0x000006C5)
            TsProxyCreateChannel: error reading response
            freerdp_set_last_error 0x2000C
            Error: protocol security negotiation or connection failure

            I have another domain / system that we can successfully get connected to using the same format. The ONLY difference I can think of off the top of my head, is this secondary domain that we have has a fully qualified domain name, where the one that doesn’t work has an older .local domain name. I wonder if xfreerdp is designed to work with FQDN only?

  10. Piotr says:

    I’m connecting to many different terminal server gateways and mostly this work fine. However I’ve noticed the pattern can’t connect to all machines which are Windows Server 2008 (not R2), rest are working fine. I’m getting error:

    RPC Fault PDU:
    status: RPC_S_INVALID_TAG (0x000006C5)
    TsProxyCreateChannel: error reading response
    freerdp_set_last_error 0x2000C
    Error: protocol security negotiation or connection failure

    Any advice?

  11. D says:

    Tried again today after a long time away. I can connect to a local windows machine but when I try to connect to one with a gateway using the following command I get the error listed below.

    Anyone see anything wrong here?

    xfreerdp /cert-ignore /v:myservername /d:domain /u:username /p:password /g:gateway-server -nego
    RPC Fault PDU:
    status: RPC_S_INVALID_TAG (0x000006C5)
    TsProxyCreateChannel: error reading response
    freerdp_set_last_error 0x2000C
    Error: protocol security negotiation or connection failure

  12. potato says:

    Nice! Has anyone got this working in combination with smartcard support.

  13. RGiskard says:

    Built and connected today! Very nice.
    Thanks for the great work!

    One question, are there other configuration options that could be used, ie, to expand the screen and relay sound?
    The RDP session is rather small and everything is compacted, and no sound comes through. Would be nice if those two things were possible to configure.

  14. Ian Johnston says:

    Working beautifully with Xubuntu 12.04 and 14.04 – many thanks. Just one query … there is no /usr/local/lib/freerdp on my system, so what does it do in /etc/

  15. AzP says:

    This is amazing, it works! I’m using it on Gentoo, and it worked on the first try.
    I think it’s pretty amazing that we have a software that works immediately, but has no GUI. I mean, you don’t need much of a GUI to be able to get input there instead of having to provide a long command. I also really don’t like writing my password on the command line, in clear text.

    I wish the client had a “ask for password” setting.

    • Wrath says:

      I had same concern so a bit of searching found this:

      Basically I edited the code to prompt for remote computer, username, domain, gateway etc. I had a little trouble with passwords that include special characters so escaped the password with double quotes (” “).

      xfreerdp \
      /v:$(zenity \
      --entry \
      --title="Remote Computer" \
      --text="Enter the computer name") \
      /u:$(zenity \
      --entry \
      --title="Username" \
      --text="Enter your Username") \
      /p:"$(zenity \
      --entry \
      --title="Domain Password" \
      --text="Enter your password:" \
      --hide-text)" \
      /d:$(zenity \
      --entry \
      --title="Domain Name" \
      --text="Enter the Domain Name") \
      /f \
      /g:$(zenity \
      --entry \
      --title="Gateway" \
      --text="Enter the Gateway") \

      So if you have zenity installed this may be a solution – it worked for me.

  16. Mick says:

    Before I dig in and try this I need to get a Cisco VPN client working. Assuming I succeed witll this use the VPN to link to the remote RDP server?

  17. David Patino says:

    You’re a life saver!

  18. Dick says:

    thank you, thank you!
    Finally a way to get connected to my work-windows server environment.
    But does anybody know how to change the screen resolution? becaus now its a really small window

Leave a Reply

Your email address will not be published. Required fields are marked *