To use Devolutions Gateway, your system must meet the following requirements.
Devolutions Server Free, Team, Enterprise, or Platinum Edition.
A license is required for each Devolutions Gateway user. Contact our sales department for more information.
If Devolutions Gateway is installed side by side with Devolutions Server on the same server, it supports up to 5 concurrent sessions without a license.
For MSPs, one Devolutions Gateway can be deployed per customer site. All you need is to keep the Devolutions Gateway servers reachable by both Devolutions Server and Remote Desktop Manager. Devolutions Gateway only needs to accept inbound connections coming from them. No outbound connections to Devolutions Server and Remote Desktop Manager are required.
| Minimal implementation (1 to 5 concurrent sessions) |
Small implementation (5 to 15 concurrent sessions) |
Medium implementation (15 to 75 concurrent sessions) |
Large implementation (More than 75 concurrent sessions) |
|---|---|---|---|
| 2 vCPUs 4 GB RAM |
4 vCPUs 8 GB RAM |
8 vCPUs 16 GB RAM |
Deploy multiple Devolutions Gateway instances. |
A Gigabit Ethernet controller is recommended for optimal performance.
Windows Server 2016, 2019, 2022, or 2025 with .NET Framework 4.8
Ubuntu Linux 20.04, 22.04 with PowerShell 7
Devolutions Gateway supports TLS 1.2 and TLS 1.3 as well as the following cipher suites:
AES_256_GCM_SHA384
AES_128_GCM_SHA256
CHACHA20_POLY1305_SHA256
ECDHE_ECDSA_AES_256_GCM_SHA384
ECDHE_ECDSA_AES_128_GCM_SHA256
ECDHE_ECDSA_CHACHA20_POLY1305_SHA256
ECDHE_RSA_AES_256_GCM_SHA384
ECDHE_RSA_AES_128_GCM_SHA256
ECDHE_RSA_CHACHA20_POLY1305_SHA256
When installing Devolutions Gateway, it is essential to consider the location of the resources you need to access and the location of the users requiring access to those resources. The gateway can be installed in either a local or remote network, depending on the proximity to the resources and the users.
The communication between Remote Desktop Manager / Devolutions Server and the gateway is encrypted to ensure secure data transfer. However, between the gateway and the target host, the connection will use the default protocol associated with the connection type, such as RDP or SSH. It is important to ensure that these protocols are properly secured. The default port for HTTP(s) communication with the gateway is 7171, while the default port for TCP communication is 8181. These ports should be open and not blocked by firewalls to allow proper communication.
The interaction between Remote Desktop Manager and Devolutions Gateway is direct and does not pass through Devolutions Server. Security is maintained through the use of a user token, which is encrypted and authenticated using a PEM file to verify that the token was generated by Devolutions Server. This ensures the integrity of the connection and protects against unauthorized access.
For optimal performance, the gateway should be installed as close as possible to the resources it accesses. Additionally, administrators should regularly monitor and update firewall rules to allow the required ports (7171 and 8181) and ensure secure configurations for the protocols in use. Proper handling of the PEM file is critical to maintaining a secure setup.
Give us Feedback