Jeremy_in_Japan
asked on
How to Secure RDP with Aladdin eToken OTP
Is there a way to secure RDP sessions using OTP (One-Time Password) from an Aladdin eToken without having to install extra client software?
Our users currently use the Remote Desktop Client over port 80 which is NATed to 3389 at an ISA server to access the corporate LAN - it would be nice to secure the authentication process with a Windows Password+OTP. If there were a way to implement RADIUS authentication with RDP, my problem would be easily solved.
My organization is currently using eToken OTP for VPN and OWA (behind ISA 2004). Unfortunately, Aladdin does not offer an RDP plugin nor do they offer technical support to customers (only partners/distributors).
Aladdin does offer an IIS OTP plugin but it seems that this plugin does not work well. I would like to avoid implementing the Remote Desktop Web Connection as it requires an Active X plug-in. TightVNC would be a possibility but it does not support SSL.
Our users currently use the Remote Desktop Client over port 80 which is NATed to 3389 at an ISA server to access the corporate LAN - it would be nice to secure the authentication process with a Windows Password+OTP. If there were a way to implement RADIUS authentication with RDP, my problem would be easily solved.
My organization is currently using eToken OTP for VPN and OWA (behind ISA 2004). Unfortunately, Aladdin does not offer an RDP plugin nor do they offer technical support to customers (only partners/distributors).
Aladdin does offer an IIS OTP plugin but it seems that this plugin does not work well. I would like to avoid implementing the Remote Desktop Web Connection as it requires an Active X plug-in. TightVNC would be a possibility but it does not support SSL.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Unfortunately, my organization's requirement is to secure RDP with a one-time password device.
The MS Terminal Service gateway is a nice solution and actually, it does support RADIUS authentication which can be used with Aladdin eToken OTP.
I have decided to go with an SSL-VPN appliance such as SonicWall 2000 or SSL-Explorer. Theses appliances support RADIUS authentication which can be used for OTP authentication for the SSL-VPN Gateway access. Also, Java based as well as Active-X based RDP clients can be used for users that are not on the Windows platform.
You are the only one that replied and your suggestion is close so I will award you the points.
Thank you again for your time.