Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1449
Views
0
Helpful
1
Replies

DUO on RDP and RD gateway

Go to solution
TECH-JEFF1
Level 1
Level 1

‎07-17-2020 02:39 PM

Hi,

I’m a first time DUO user/admin and appreciate any help from the GURU’s. We setup a Windows Server 2016 with RDS role and RD gateway.

So we applied protection on it’s RDP and it has been working. We now plan to protect the RD Gateway. Not sure if I’m doing the right thing though, do i execute the msi for RD Gateway I assume on the same server? but the thing is there’s a different intergration, secret ket and APi key just for RD gateway or I’m doing it wrong??

Thanks
TECH-JEFF

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
DuoKristina
Cisco Employee
Cisco Employee

‎07-24-2020 08:02 AM

We offer separate integrations for Windows Logon and RD Gateway logon.

  • Duo Authentication for Windows Logon protects local and RDP logins on the workstation or server where it is installed. So if you installed this on your RD Gateway server, it would add 2FA to interactive desktop local and RDP login on that server. It would not add 2FA to users accessing session hosts through the RD Gateway service on that server.

  • Duo Authentication for RD Gateway adds 2FA to RD Gateway logins. If you installed this on your RD Gateway server, it would add 2FA RDP connections for desktop sessions or published apps that use that RD Gateway service.

You are correct that if you wanted to protect both types of logons you would install both of those applications on the same RDG server, using different application information (Install Duo RDG with the keys for the Duo RDG application, and install Duo Windows Logon with the keys for the Duo RDP application).

Duo, not DUO.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
DuoKristina
Cisco Employee
Cisco Employee

‎07-24-2020 08:02 AM

We offer separate integrations for Windows Logon and RD Gateway logon.

  • Duo Authentication for Windows Logon protects local and RDP logins on the workstation or server where it is installed. So if you installed this on your RD Gateway server, it would add 2FA to interactive desktop local and RDP login on that server. It would not add 2FA to users accessing session hosts through the RD Gateway service on that server.

  • Duo Authentication for RD Gateway adds 2FA to RD Gateway logins. If you installed this on your RD Gateway server, it would add 2FA RDP connections for desktop sessions or published apps that use that RD Gateway service.

You are correct that if you wanted to protect both types of logons you would install both of those applications on the same RDG server, using different application information (Install Duo RDG with the keys for the Duo RDG application, and install Duo Windows Logon with the keys for the Duo RDP application).

Duo, not DUO.
0 Helpful
Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents