I’m very confused by much of the DUO documentation and the complexity of the product. I understand how to implement MFA for Remote Desktop, but I’m looking for a way to proxy the traffic so we can close all ports on our clients’ firewall. Is that possible with the DUO products?
Yes, RDP traffic can be proxied through any forward proxy. While installing you need to specify the proxy address and the port number of the proxy server. See step 2 “Configure Manual Proxy for Duo Traffic” Duo Authentication for Windows Logon and RDP | Duo Security
Note: Please make sure your proxy is not inspecting Duo traffic “SSL Inspection” is not supported for Duo traffic.
HI, actually I’m using the incorrect terminology. I’m looking for a solution like TruGrid where the client RDP connection and the Remote workstation do not require any ports open on the target network. Where the connection is tunneled without having to make a connection to a specific port open on the firewall.
Hi @vitalitinc ,
Please check out the Duo Network Gateway documentation. This product (available in the Beyond edition of Duo) allows for on-premise applications (including RDP) to be publicly accessible with Duo 2FA. DNG is typically marketed as a VPN-less (reverse-proxy) solution.
Hope this helps!
Thank you. I’ll take a look.