cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
487
Views
1
Helpful
3
Replies

DUO first time setup for RDWeb problems

Easy-Works-Dan
Level 1
Level 1

I installed RDWeb and got it setup and verified working. Then I install duo-rdweb-3.0.0.msi and if I do not check the box to bypass duo authentication i got Server Error in '/RDWeb/Pages' Application when i sign in. If I leave the box checked and sign in, which I believe should take me to the duo sign for the universal prompt it does NOT happen. It just goes to the normal RDWeb sign in and after signing in and takes me to "RemoteApp and Desktops" to select a program.

At this point I've got the the bypass unchecked and I'm unable to access my remote programs, but if i uninstall duo everything works as expected. For the installation I made sure I copied from the correct application in duo named "Microsoft RD Web" (client ID, client secret, and API hostname) from here. Just at a loss when I never see the screen for the Universal prompt i see in https://duo.com/docs/rdweb#update-duo-for-rd-web under test your setup.

3 Replies 3

Easy-Works-Dan
Level 1
Level 1

You may also need to configure the .NET Framework to use TLS 1.2.

Added the following registry entries on my RD Web servers to enable .NET support for TLS 1.2 and stronger ciphers:

Registry Paths:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v2.0.50727
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319

Registry Value Type Description
SchUseStrongCrypto DWORD Set this value to 1 to enable .NET applications to use TLS 1.2 and more secure ciphers. 

After doing this it started working as expected.

Thank you so much for this resolution! I couldn't find it documented anywhere.

@gharrington the TLS 1.2 requirement is mentioned here: https://duo.com/docs/rdweb#tls-requirements, with a link to this KB article https://help.duo.com/s/article/7546?language=en_US#winnet with the registry information for TLS 1.2 in .NET.

Thank you, @Easy-Works-Dan , for sharing the info from the KB article here in the community.

Duo, not DUO.
Quick Links