DUO Free - Limiting 2 factor authentication to external ips

I LOVE this product. Question about DUO Free.

I’m testing 2FA services for an application on my test applicaton server.
Is it possible to use DUO Free and use it only when a connection is made to the server through the VPN, Right now, I’ve got DUO Free monitoring the application, but any access either RDP from my local domain and from external get 2FA authenticated. I’m hoping to 2FA only those accessing the application externally.

Thanks in Advance,


Which DUO product are you using and where did you install that?

In my case, I used the DUO for Microsoft Windows Remote Desktop Gateway and installed it on my Remote Desktop Gateway server. I also have an internal DNS and external DNS server, e.g., within my internal network, myip.com =; for external nextwork, myip.com = Thus, when my rdp hits myip.com internally, it redirects straight to the RDSH, bypassing RDG.

Just make sure that, in the Remote Desktop Connection (on the client side, that is), in the Advanced tab, the “Connect from anywhere” has either the “Automatic detect RD Gateway server settings” or “Use these RD Gateway server settings” with the “Bypass RD Gateway Server for local addresses” are enabled.

That’s how mine is set up and been running like that for 2 years. Good luck!

1 Like