Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1695
Views
2
Helpful
2
Replies

Duo Security only for RDS-authentication via VPN (Homeoffice), but not in local network

schnugg
Level 1
Level 1

‎05-14-2020 11:47 PM

Hi,
we intend to purchase a Terminalserver (RDS Server) and therefore want to protect the RDP-access from the Internet (VPN / Homeoffice-use). But within our local network there shouldn`t be a DUO-security-control if we connect to the RDS-Server from our local clients while working in our company.

Is there a solution for this scenario? Maybe there is a filtering option in relation to the IP-address of the VPN-clients possible?

Thanks

0 Helpful
2 Replies 2

BabbittJE
Level 1
Level 1

‎05-15-2020 04:50 PM

You don’t even need VPN when using it for RDS as RDS has its own SSL gateway, though it won’t hurt except for reduced performance.

Set up RDS the way it should be: RD Gateway, RD Broker/Connection, RD Session Host.

Put Duo for RD Gateway on the RD Gateway server. Create a policy to trust the IP address of you work’s network.

When someone outside of your work’s network tries to reach your RDG, Duo will prompt.

When someone inside of your work’s network tries to reach your RDG, Duo will NOT prompt due to the policy you created.

This has been my setup since 2018. Good luck!

schnugg
Level 1
Level 1

‎05-15-2020 11:19 PM

Alright. Many Thanks!

Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents