Use the NLA option for an RDP connection via Devolutions Gateway

Devolutions Gateway supports KDC proxy combined with API hooking RDP in Remote Desktop Manager, letting Kerberos work effortlessly with RDP NLA.

KDC proxy with short-lived tokens

  1. In Administration, under Modules, click on Devolutions Gateway.
Devolutions Gateway module settings
Devolutions Gateway module settings
  1. Click Edit (pen button) on the desired Devolutions Gateway instance.
Devolutions Gateway Edit button
Devolutions Gateway Edit button
  1. In the KDC proxy section, fill out the KDC Server URL and Kerberos realm fields.
KDC proxy section
KDC proxy section

If this does not work, head over to the Advanced section and make sure the Force using IP address for RDP connections option is off.

KDC proxy with long-lived tokens

  1. Click on the vertical ellipsis button next to the desired Devolutions Gateway and select KDC proxy.
Devolutions Gateway KDC proxy settings
Devolutions Gateway KDC proxy settings
  1. Fill out the KDC proxy token fields. Click Add.
Fill out KDC proxy token fields
Fill out KDC proxy token fields
  1. Download and run the KDC proxy token configuration file on every machine using KDC proxy. This PowerShell script should add the KDC configuration to the machine's registry.
Download KDC proxy token configuration file
Download KDC proxy token configuration file

To remove the KDC configuration from the registry, open Windows' Registry Editor, and launch the script using the -Uninstall parameter.

Devolutions Forum logo Give us Feedback