Access Portal - RDP Authenticaton

RDP access through Access Portal using NLA security requires to hardcode user credentials on Firebox config.
Suggested workaround is to lower overall RDP security by disabling NLA policy, not really a best practice for a security product.
Since Access Portal caches credentials when enabling the Reverse Proxy option "Forward Access Portal Credentials", it would be great if you enable this feature for RDP too, or at least show some kind of intermediate login request that user can fill and pass to NLA


  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @EGlf
    There's an existing feature request open for this, it's FBX-13597. At this current point in time, there is no targeted release date or version for that feature request.

    -James Carson
    WatchGuard Customer Support

  • Morning all we are getting brute force attacks with our RDS gateways server.

    IPS is enabled for the RDS gateway policy it logs the IP address in the logs file located here :- C:\inetpub\logs\LogFiles\W3SVC1 yes we have blocked IP enabled too, but it takes time. I know there are software we can look into but i would like the WG to do it..

    I was looking at Introducing an Access Portal looking through the how to guides you need to add RDS 3389 . But all users connects via ssl cert through 443 . Has anyone used Access Portal for RDS Gateway for multi session host servers?

    Any ideas will be warmly welcomed

  • Just asked for the same feature, other guac based implementions like on the older Pulse Secure already had this feature. Can't see why Whatchguard wouldn't be able to have it.
    Use AD/LDAPS MFA for the portal and have the token carry over for the RDP (whatever the connection type; rdp, tls, nla, etc).

Sign In to comment.