04-04-2018 04:18 AM
We currently use DUO for our RDP connections, directly and without VPN (Port open on firewall). Have never had an issue.
We purposefully don’t want VPN because we don’t need network level access and we don’t want people’s potentially infected remote computers on our networks. Then there’s the added inconvenience of managing muti-platform VPN clients and potentially additional credentials.
However, most traditional IT people suggest that adding VPN would be safer.
It’s definitely an extra layer but given the issues I mention above, the minuses seem to outweigh the pluses.
How are people doing this? Anyone care to comment?
04-09-2018 12:49 PM
MS RD Gateway was made for this. It accepts the incoming RDP connection over HTTPS/443 instead of the regular RDP TCP/UDP port(s) 3389, so incoming client traffic is encrypted.
04-09-2018 02:54 PM
I used it too without vpn however I do used below setup to add additional security:
Good Luck!
05-17-2018 06:59 AM
Hello - we’re also using Duo with RDP.
I ran into some problems when changing the rdp port on a Windows 7 machine. All went as expected until the call to Duo was supposed to happen. It never did and the attempted session hung. RDP on 3389 works fine with Duo. Did you run into anything like that? Any hints?
Thanks!
05-17-2018 12:36 PM
I’d take a peak at your firewall settings. I know the Microsoft OS firewall does not update the RDP port when it is changed in the registry.
05-17-2018 12:59 PM
Thank you so much for responding. Yes - I have definitely made that mistake in the past but didn’t this time. I sniffed the traffic and found all the back and forth doing fine - but all stopped just after the mouse click that should have had the host make a call to Duo.
The DNS call to find Duo never gets made nor is there further traffic.
But, since it sounds like others are doing this just fine, there must be something I’m doing wrong in my setup.
05-17-2018 01:05 PM
You can try enabling debug logs for advanced troubleshooting.
05-17-2018 01:16 PM
Once again, thank you. I will go read up on that.
05-18-2018 07:49 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide