none
Secure RDP connection to Windows 2012 server

    Question

  • At our office we recently installed a new Windows 2012 server which we want to use as a Terminal server. Currently we use VPN boxes to connect to a Windows 2008 server with an external session/rdp.

    We would like to eliminate the need for VPN boxes and instead use certificates to secure the rdp connections. Does anybody have any idea how to get this going? I tried finding the TLS settings on the 2012 server, but cant find them. Also tried it with policies, but nothing happens. I can still connect to the server without certificates.

    Please bear in mind, I'm kinda new to all this but I would appriciate any help.

    Thanks,

    Frank

    Friday, January 03, 2014 7:46 AM

Answers

  • Hi, 

    Have a look at the following articles:

    Secure RDS:

    http://technet.microsoft.com/en-us/magazine/ff458357.aspx 

    RDS Gateway:

    http://technet.microsoft.com/en-us/library/cc731264(v=ws.10).aspx

    http://technet.microsoft.com/en-us/library/dd320345(v=ws.10).aspx 

    Two Factor authentication:

    http://ryanmangansitblog.wordpress.com/2013/10/15/two-factor-authentication-for-rds-2012/ 

    Best regards,


    Help keep the forums tidy, if this has helped please mark it as an answer

    Sunday, January 05, 2014 1:11 AM
  • As Ryan mensioned above, I'd recommend you looking in to setting up an RD gateway.
    http://technet.microsoft.com/en-us/library/cc731264(v=ws.10).aspx

    With and RD gateway you basically encapsulate RDP in HTTPS, which makes it work in more or less all places even if strict firewalls are in place.

    http://technet.microsoft.com/en-us/library/dd983941(v=ws.10).aspx

    MCT | MCSE: Private Cloud/Server, Desktop Infrastructure

    Sunday, January 05, 2014 5:50 AM

All replies

  • Hi Frank,

    I don´t have the answer for your question.
    But why not setup RDS Web access instead?

    Friday, January 03, 2014 9:07 AM
  • Hey Lars,

    Thats oke, thanks for replying anyway :)

    I actually did that, which works pretty good in my opinion. But for some reason our management still wants to use RDP sessions for the majority. Probably thinking this is more secure or something.

    Friday, January 03, 2014 9:24 AM
  • Hi, 

    Have a look at the following articles:

    Secure RDS:

    http://technet.microsoft.com/en-us/magazine/ff458357.aspx 

    RDS Gateway:

    http://technet.microsoft.com/en-us/library/cc731264(v=ws.10).aspx

    http://technet.microsoft.com/en-us/library/dd320345(v=ws.10).aspx 

    Two Factor authentication:

    http://ryanmangansitblog.wordpress.com/2013/10/15/two-factor-authentication-for-rds-2012/ 

    Best regards,


    Help keep the forums tidy, if this has helped please mark it as an answer

    Sunday, January 05, 2014 1:11 AM
  • As Ryan mensioned above, I'd recommend you looking in to setting up an RD gateway.
    http://technet.microsoft.com/en-us/library/cc731264(v=ws.10).aspx

    With and RD gateway you basically encapsulate RDP in HTTPS, which makes it work in more or less all places even if strict firewalls are in place.

    http://technet.microsoft.com/en-us/library/dd983941(v=ws.10).aspx

    MCT | MCSE: Private Cloud/Server, Desktop Infrastructure

    Sunday, January 05, 2014 5:50 AM