2 factor authentication for MS RDP terminalService published trough the F5
Long time ago I was involved in a project where we should show how we could implement 2 factor authentication for Microsoft terminal server gw - published trough the F5 on the internet. We here went for the native MS RDP client using MS TerminalServer GW - this gives the best user experience. We also wanted to use RSA SecureID as second factor for two factor auth. But we the faced a problem since there wasn't any where in this client to enter the token code. We ended up in mis-using the TS GW password field for token input ;-) It worked but this wasn't a solution that was useable for a production environment.
But how could this else be solved? We have to use the native MS Windows RDP client because it is a public offered service where we don't want to deploy "extra" sw to clients around the world - and the native MS Windows RDP client gives the best user-experience
Any suggestions?
best regards /ti