ZestyServers Docs
StoreZesty ToolsProxy GuidesService Status
  • 👋Welcome
  • 🔧ZestyTools
    • ZestyTool
    • Proxy Tester
    • Zesty + CF VPN
  • 🍋Setting up your server
  • 🤞Need help choosing?
  • 📋Table of Contents
  • 📡Connecting
    • Connect to server (Windows)
    • Connect to server (macOS X)
    • Connect to server (Royal TS)
    • Connect to server (iOS)
    • Connect to server (Android)
    • Connect to server (Linux)
    • RDP Relay / Accelerator
  • 🔒Security
    • RDP Security, why?
    • RDPHelper
      • Setup 2FA (TOTP)
      • Whitelist IP Address
      • Blacklist IP Address
      • Change Password
      • Change RDP Port
    • How to change your RDP Port
      • RDP Change - ZestyTool
      • RDP Change - Manually
    • How to enable brute force prevention
    • How to setup DUO 2FA on RDP
    • How to change Windows password?
  • đŸ•šī¸Basics
    • How do I restart my server?
    • How do I update my server?
    • How to change RDP resolution
    • How to use BP Proxy Switcher
    • Is Discord on a server safe?
    • How to setup a proxy on a server
    • Things to check on before drops
  • 👨‍đŸ’ģSoftware
    • How to install Microsoft Edge
    • How to install NodeJS
    • How to install Java
    • How to install .NET 4.8+
  • đŸ“ĻOrders FAQ
    • Order Fulfilment
    • Can I have a refund?
    • How does billing work?
    • Apply discount code after order?
    • Which Crypto Currency do we accept?
    • What do I do if I missed a payment?
  • ⚡Troubleshooting
    • Troubleshooting Guide
    • How to change display colors on Windows RDP
    • How to turn down interpolation on MacOS Remote Desktop
    • How to change DNS servers
      • Change DNS - Windows
      • Change DNS - macOS X
    • How to check when the Windows server crashed?
  • ❓Server Questions
    • Why does it say my server is located elsewhere?
    • What comes installed on the server?
    • What kind of speeds should I be seeing?
    • Should I update my server when I get it?
Powered by GitBook
On this page
  • Video Guide / How-To Video
  • Signup for Duo
  • Setup Your Application
  • Adding a User to Duo
  • Add a Phone
  • Installing Duo onto your Server
  1. Security

How to setup DUO 2FA on RDP

How do I setup MFA/2FA on my RDP Server? This is a guide on how to setup duo.com 2FA for Windows Server RDP.

PreviousHow to enable brute force preventionNextHow to change Windows password?

Last updated 2 years ago

Video Guide / How-To Video

Signup for Duo

Setup Your Application

Click on the Protect an Application button in the top left

Search up "RDP" and you'll be able to see Microsoft RDP. This can be used for:

Clients:

  • Windows 8.1

  • Windows 10 (as of v1.1.8)

Servers (GUI and core installs):

  • Windows Server 2012

  • Windows Server 2012 R2

  • Windows Server 2016 (as of v2.1.0)

  • Windows Server 2019 (as of v4.0.0)

We highly suggest you leave everything as default unless you know what you're doing. Don't forget to click save when it shows.

Adding a User to Duo

Default username should be "Administrator" You will also be able to set Administrator as an alias under different account names. In our case, we use zestyadmin but for ALL zesty clients, you should be using Administrator.

Add a Phone

Download the Duo Mobile app onto your phone.

Back to your browser. Under the same user page, you will be able to add a phone using the "Add Phone" button.

You will now click on the Activate Duo Mobile text (in blue) under the "Device Info" section.

Generate the Duo Mobile Activation Code.

Send the link to your mobile device by SMS.

You will then click on the link and and it will open the Duo Mobile app and add your Application & User.

Installing Duo onto your Server

Back to your application home screen, you will see the integration key, secret key and API hostname.

Enter in your API hostname (Copy & Paste if you can).

Enter in the Integration Key and Secret Key (Copy & Paste if you can).

Select "Only prompt for Duo authentication when logging in via RDP" Make sure this is ticked.

Don't enable smart card unless you actually have one and know how to configure it.

You may now logout and then login to the server and see if it prompts on your phone.

Done!

Signup for Duo Trial:

Download and install the Duo Authentication for Windows Logon installer package onto your server. You can download that .

🔒
here
here