Step 1: Reinstall VMWare tools with VMCI disabled.
Step 2: Create a DHCP pool on the same subnet as the Server 2012 R2 network adapter in Untangle.
Step 3: Open gpedit on the Remote Desktop Server (NOT ON THE DOMAIN CONTROLLER). The path is Local Computer Policy, Administrative Templates, Windows Components, Remote Desktop Services, Remote Desktop Session Host Config, Application Compatibility.
Step 4: Turn on Remote Desktop IP Virtualization
Step 5: Add the subnet of the IP address of the Remote Desktop Server network adapter in the "Select the network adapter to be used for Remote Desktop IP Virtualization." The IP address of my 2012R2 Remote Desktop Server is 192.168.255.29 so I put in this IP plus the CIDR /24 for 255.255.255.0.
Step 6: Enable "Do not use Remote Desktop Session Host server IP address when virtual IP address is not available" policy.
Step 7: Download the UNLS script from Untangle and change the following parameter as per https://support.untangle.com/hc/en-us/articles/204345898-Use-UNLS-User-Notification-Login-Script-on-Windows-terminal-servers- :
Step 8: YOU CANNOT USE THE UNLS Server Monitor application for Remote Desktop Server 2012R2 because it will not report the virtual IP, only the IP of the RD Server itself. Also I was not able to run the UNLS script in GPO either. I had to place the script in C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Step 9: Each time a user logged onto the Remote Desktop Server they recieved a message "Do you want to run this file: " There is probably a better more secure way to do this but I found to have the Remote Desktop server ignore this message I put .vbs in the "Inclusion list for low file types" Then I put .vbs in the blocked file types in Untangle.