FulvioPalma
Dec 12, 2024

MFA on RDP (with AD, RDG, NPS)

Hi, everyone.

In the company where I work, we have an AD domain and RDP servers (MP) that some employees access from outside via RDG. We have already installed ADFS and NPS, but I am still not clear which products and which license levels are necessary to enable 2FA on RDP via RDG. Does anyone have a clearer idea than me? Thanks.

2 Replies

  • FulvioPalma 

    To enable MFA for RDP via RDG with AD, try these steps:

    Licenses: Azure AD Premium P1/P2, RDS CALs, and Windows Server licenses.
    Components: AD, RDG, NPS (with Azure MFA extension), and Azure MFA.
    Steps:
    1. Set up RDG and NPS as a RADIUS server.
    2. Install the Azure MFA NPS Extension.
    3. Configure RDG to use NPS for authentication.
    4. Enable MFA for users in Azure AD.

    This ensures secure RDP access with 2FA via RDG.

  • Please refer to the following:

    1. Active Directory (AD): This is already in place in your environment.
    2. Remote Desktop Gateway (RDG): This allows secure remote access to your RDP servers.
    3. Network Policy Server (NPS): You mentioned this is installed. NPS is used to integrate with your RDG for authentication.
    4. Azure Multi-Factor Authentication (MFA): This is the service that will provide the 2FA. You can use the NPS extension for Azure MFA to enable this.
