
RDP is not working with Cisco NAM (User and Machine Auth)

oleg_kobzar
Level 1

RDP to a Windows 10 machine is not working when Cisco NAM is used instead of the native Windows supplicant. The case is below:

1) The PC is turned on and passes machine authentication.

2) RDP is initiated to the PC and user authentication passes, but RDP is not established. Windows Firewall blocks this traffic, even if there is a permit rule in its configuration (tcp/udp from any source to port 3389).

3) Machine authentication is passed again.

The user and machine VLANs are the same. It works only if the user is logged in locally on the PC (user authentication on the switch port) or if Windows Firewall is disabled. Logs are below.

 

2018-03-30 16:08:52 DROP TCP 172.27.235.51 172.27.235.53 51817 3389 0 - 0 0 0 - - - RECEIVE
2018-03-30 16:08:52 DROP UDP 172.27.235.51 172.27.235.53 62652 3389 0 - - - - - - - RECEIVE

Does anyone use such deployment of 802.1x with Cisco NAM?
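Added example, not part of the original post: a small Python parser for Windows Firewall log lines in the format quoted above, counting inbound drops to port 3389 per source so the symptom can be compared before and after a configuration change. The sample log is constructed from the two lines in the post plus one invented ALLOW line, and the function names are illustrative.

```python
from collections import Counter

# Default column order of the Windows Firewall log; a "#Fields:" header
# in the file, when present, overrides it.
DEFAULT_FIELDS = ("date time action protocol src-ip dst-ip src-port dst-port size "
                  "tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path").split()

# Constructed sample: the two DROP lines from the post plus a made-up ALLOW line.
SAMPLE_LOG = """\
#Version: 1.5
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2018-03-30 16:08:52 DROP TCP 172.27.235.51 172.27.235.53 51817 3389 0 - 0 0 0 - - - RECEIVE
2018-03-30 16:08:52 DROP UDP 172.27.235.51 172.27.235.53 62652 3389 0 - - - - - - - RECEIVE
2018-03-30 16:09:10 ALLOW TCP 172.27.235.53 172.27.235.10 49720 443 0 - 0 0 0 - - - SEND
"""

def parse_firewall_log(text):
    """Yield one dict per record, keyed by the log's field names."""
    fields = DEFAULT_FIELDS
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
        elif line and not line.startswith("#"):
            values = line.split()
            if len(values) == len(fields):  # skip truncated or malformed rows
                yield dict(zip(fields, values))

def inbound_rdp_drops(text, port="3389"):
    """Count dropped inbound packets to the RDP port per (source, protocol)."""
    drops = Counter()
    for rec in parse_firewall_log(text):
        if (rec.get("action") == "DROP" and rec.get("path") == "RECEIVE"
                and rec.get("dst-port") == port):
            drops[(rec["src-ip"], rec["protocol"])] += 1
    return drops

if __name__ == "__main__":
    for (src, proto), n in sorted(inbound_rdp_drops(SAMPLE_LOG).items()):
        print(f"{src} {proto}/3389 dropped inbound x{n}")
```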

Accepted Solutions

DHaya
Level 1

It's a known bug:

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvo47467

Workaround as below.

1. In Registry Editor, locate the following registry subkey:
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy
2. Right-click the Parameters registry subkey, point to New, and then click DWORD (32-bit) Value.
3. Rename the new registry entry to IntfQuarantineEnabled and set the value to 0.

Hope this helps


4 Replies

Hi Octavian,

Thanks a lot for your reply.

But could you please specify why it is not working? I tried to check the configuration guide, but changing the registry key EnforceSingleLogon didn't help.

Is it possible to modify anything to have working RDP for this case?

I hope you will answer and show the direction, because at this moment neither Cisco nor MS can help me.



Hi Oleg,

Please check if Windows Firewall is completely off, just to exclude this as a possible issue.

Also, make sure you've added the correct DWORD in the registry to allow RDP with a different user than the currently logged-in user.

I've tested this in the past and it worked.

Thanks,

Octavian

