Announcement

Collapse
No announcement yet.

Secure RDP with Aladdin eToken OTP and ISA 2004

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Secure RDP with Aladdin eToken OTP and ISA 2004

    Hello and thank you for reading my post.

    I have implemented eToken OTP (One-Time Password) for my organization's VPN and OWA remote access. We are using ISA 2004 rules for VPN access and OWA publishing. Our servers are Windows 2003 Standard Servers in a native mode AD domain.

    ISA 2004 is also configured to allow RDP sessions over port 80 (NAT port 80 to 3389) to a terminal server in our LAN. Our users are allowed remote access by simply entering DNSNAME:80 in their RDP clients and connecting to the Terminal Server on the corporate LAN.

    I understand that this is probably wishful thinking however, does anyone know of a way to secure an RDP session with an OTP device without having to install extra software on the client machine? Unfortunately, it does not seem possible to use RADIUS authentication with RDP which would work perfectly.

    I read that the TS Web Client can be used with ISA 2006 (RADIUS OTP Option is available) as a published HTTPS site. However, we cannot upgrade ISA and we do not want users to have to install the Active X control on their IE browsers.

    Thank you in advance for your time and suggestions.

    Update:

    Okay - I haven't received any suggestions so it looks like I am trying to do something that cannot be done at this time.

    How about an SSL-VPN appliance? Can anyone recommend a good one for a 100 users or less? It looks like I can secure RDP as well as other applications using this method. As long as it supports RADIUS authentication, I should be able to use it with eToken OTP.

    I saw the Netgear SSL312 (only for 25 users though) and it looks like it has the features that my organization needs - does anyone have any experience or comments about a product such as this?

    Thanks again for your time.
    Last edited by Kesshin; 30th June 2008, 03:54. Reason: Update

  • #2
    Re: Secure RDP with Aladdin eToken OTP and ISA 2004

    Originally posted by Kesshin View Post
    Hello and thank you for reading my post.

    I have implemented eToken OTP (One-Time Password) for my organization's VPN and OWA remote access. We are using ISA 2004 rules for VPN access and OWA publishing. Our servers are Windows 2003 Standard Servers in a native mode AD domain.

    ISA 2004 is also configured to allow RDP sessions over port 80 (NAT port 80 to 3389) to a terminal server in our LAN. Our users are allowed remote access by simply entering DNSNAME:80 in their RDP clients and connecting to the Terminal Server on the corporate LAN.

    I understand that this is probably wishful thinking however, does anyone know of a way to secure an RDP session with an OTP device without having to install extra software on the client machine? Unfortunately, it does not seem possible to use RADIUS authentication with RDP which would work perfectly.

    I read that the TS Web Client can be used with ISA 2006 (RADIUS OTP Option is available) as a published HTTPS site. However, we cannot upgrade ISA and we do not want users to have to install the Active X control on their IE browsers.

    Thank you in advance for your time and suggestions.

    Update:

    Okay - I haven't received any suggestions so it looks like I am trying to do something that cannot be done at this time.

    How about an SSL-VPN appliance? Can anyone recommend a good one for a 100 users or less? It looks like I can secure RDP as well as other applications using this method. As long as it supports RADIUS authentication, I should be able to use it with eToken OTP.

    I saw the Netgear SSL312 (only for 25 users though) and it looks like it has the features that my organization needs - does anyone have any experience or comments about a product such as this?

    Thanks again for your time.
    No idea about your first question but i can help with your second.

    We have deployed Sonicwall SSL VPN 2000 devices.

    Fantastic bits of kit and very good at what they do.

    http://www.sonicwall.com/us/support/3165.html

    Comment


    • #3
      Re: Secure RDP with Aladdin eToken OTP and ISA 2004

      Thank you very much for your suggestion.

      I took a look at the 200 series because my organization rarely has more than 10 concurrent users at a time. And, we only need RDP and OWA web access.

      Unfortunately, the 200 series does not support OWA Premium mode making it a show stopper for my organization.

      The 2000 series is the next choice but unfortunately, here in Japan, it is so much more expensive than in the U.S. - over $4,000.

      I guess you cannot have your cake and eat it too.

      Thank you again for your suggestion.

      Comment


      • #4
        Re: Secure RDP with Aladdin eToken OTP and ISA 2004

        Originally posted by Kesshin View Post
        Thank you very much for your suggestion.

        I took a look at the 200 series because my organization rarely has more than 10 concurrent users at a time. And, we only need RDP and OWA web access.

        Unfortunately, the 200 series does not support OWA Premium mode making it a show stopper for my organization.

        The 2000 series is the next choice but unfortunately, here in Japan, it is so much more expensive than in the U.S. - over $4,000.

        I guess you cannot have your cake and eat it too.

        Thank you again for your suggestion.
        We also had a look at the 200 but the certificates wouldn't work properly in our org.

        Comment

        Working...
        X