A new blog post by the Remote Desktop Services team blogs.msdn.com discusses fixing the logon attempt failed error when trying to connect to a RDS farm through the RD Gateway.
"...To resolve this issue, locate the HTTP redirection setting and disable it:
1.In Server Manager, on the RD Gateway server, open Internet Information Services (IIS) Manager.
2.In the IIS navigation tree, expand the server and the sites, and then select Default Web Site.
3.In the middle pane (the settings area), double-click HTTP Redirect.
4.Clear the Redirect requests to this destination check box.
After completing this, single sign-on was working externally as well, but the question remained: “How can I enable the redirection?” I didn’t want to manually type in http://contoso.com/rdweb because I wanted to use http://contoso.com/ instead. After doing some research and getting help from my colleagues, I found that it could be done by just making a small change, detailed in the following steps.
To redirect HTTP:
1. Open IIS Manager.
2. Go to the RD Web Access website (by default, it’s the “Default Web Site”).
3. In the middle pane, click HTTP redirect.
4. Select the Redirect requests to this destination check box, and type the address for your website; for example: http://contoso.com/rdweb.
5. In the Redirect Behavior section, select the Only redirect requests to content in this directory (not subdirectories) check box.
6. Apply settings...."
For the complete blog post see: