we have tried both DUO for RDP and DUO for RD gateway on our RD Gateway server and both worked. The only difference we noticed so far is there is a DUO authentication prompt window for RDP while there is no such prompt window if we deployed DUO for RD gateway. Needless to say this prompt window is useful for a lot of users. I am just wondering what are the cons if we use DUO for RDP on a RD gateway server? Thanks.
If your RD Gateway server is also your RD Session host, then you can only install Duo for Windows Logon, and then when users sign in to that session host they’ll see the interactive prompt.
Installing Duo for Windows Logon on an RDG server that is not also the RD session host has no effect on user logins to session hosts via that RDG server.
If the RD Gateway server is not your session host, go install Duo for Windows Logon only on your session hosts. Do not install Duo for RD Gateway on your RDG server too, or users will authenticate to Duo twice (once at RDG and again at the session host).