06-03-2021 05:25 PM
I know the 3 levels of protection that Duo offers for protecting and RDP farm. But has anyone worked out a less annoying process than any of these options I see? I want to eliminate the VPN.
I was really hoping there was a solution with the DNG, but support tells me there’s not.
Anyone found a cool way of doing things that I didn’t list above?
06-10-2021 01:18 PM
Hi @krknopp,
I’m sorry to see that no one has replied to this yet with some suggestions for you. Hoping that by bumping the thread, we may be able to get a response here.
Thank you for sharing this question with the community, and welcome! We love to see these types of best practice questions or calls for recommendations and ideas.
You may have come across this article already, and it’s possible the solution won’t work for you, but what we usually recommend to folks is to install Duo only on the endpoint where users are forced to connect during each authentication. See “How often will I be prompted for 2FA when Duo for RD Gateway and Duo for RD Web are both installed?” for more details. Depending on which integration you use, you could then further reduce this so users are not prompted on subsequent remote desktop connections by using Remembered Devices to generate a persisting cookie following an initial authentication.
Since you specifically mention that using one or the other won’t work in your scenario, I take it there’s something I am missing here, but just thought I’d reply and attempt to help anyway!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide