Go into Server Manager > Remote Desktop Services > Deployment Servers, and in here, add a Remote Desktop Gateway server. This will install the role, and also add it to the deployment.
If you just add the role, using the Add Roles wizard, then it isn't added to the deployment.
I found this out when I tried adding RD Gateway role by using the Add Roles wizard, and then I went into the deployment properties, certificates - next to the RD Gateway role service, it listed the Level as “Unknown” and I was not able to configure the certificate. After adding the RD Gateway server to the “Deployment Servers”, Unknown changed to “Not Configured”.
To specify which servers can be accessed, and by who, create a “Resource Authorization Policy” in the RD Gateway Manager.
For those servers which you just access for administration (ie everything except the RDS session hosts), I suggest creating a group which just includes your support user accounts.
To use the “connect to a Remote Computer” feature in RDS 2012 you would need to add the RD gateway address to the settings on the web access server
The Remote Desktop Gateway Manager displays a summary of the number of connections from remote users to computers on the internal network.
Server Manager > Tools > Terminal Services > Remote Desktop Gateway Manager (installed with the RD Gateway role)
By default uses ports 443 and 3391. Use RD Gateway Manager tool to change the RD Gateway Port.
All of the below is untested, or only tested to some degree. I can't stand behind this info, but it may be a useful place to start. Do your own testing!
If using RDWeb and you need to change the port, achieved by changing the RDGateway port. Eg you may be forwarding 4433 external to 443 internal - but if you want to change the port for RDWeb - you actually go into RD Gateway Manager, properties, change the port there to 4433.
Steps to get RD Web working with a different port than 443:
(this example is using a single server called rds01.mundy.local, externally available on remote.mundy.co, which holds all roles: RD session host, RD Gateway, and RD Web.
Set-RDSessionCollectionConfiguration -CollectionName “Remote Desktop Collection - 1” -CustomRdpProperty “gatewayhostname:s:remote.mundy.co:4433” -ConnectionBroker rds01.mundy.local