RDP¶
Supported connection modes:
Supported client applications:
- All official Microsoft clients for Windows and macOS,
- FreeRDP 2.0 and newer.
Supported OCR languages:
- English
- German
- Norwegian
- Ukrainian
- Polish
- Hungarian
- Russian
Supported algorithms
when TLS encryption selected and the option Legacy ciphers is disabled:
TLS_AES_256_GCM_SHA384
TLS_CHACHA20_POLY1305_SHA256
TLS_AES_128_GCM_SHA256
ECDHE-ECDSA-CHACHA20-POLY1305
ECDHE-RSA-CHACHA20-POLY1305
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES256-SHA384
ECDHE-RSA-AES256-SHA384
DHE-RSA-AES256-GCM-SHA384
AES256-GCM-SHA384
AES128-GCM-SHA256
AES128-SHA256
when TLS encryption selected and the option Legacy ciphers is enabled:
TLS_AES_256_GCM_SHA384
TLS_CHACHA20_POLY1305_SHA256
TLS_AES_128_GCM_SHA256
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-GCM-SHA384
DHE-RSA-AES256-GCM-SHA384
ECDHE-ECDSA-CHACHA20-POLY1305
ECDHE-RSA-CHACHA20-POLY1305
DHE-RSA-CHACHA20-POLY1305
ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-GCM-SHA256
DHE-RSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES256-SHA384
ECDHE-RSA-AES256-SHA384
DHE-RSA-AES256-SHA256
ECDHE-ECDSA-AES128-SHA256
ECDHE-RSA-AES128-SHA256
DHE-RSA-AES128-SHA256
ECDHE-ECDSA-AES256-SHA
ECDHE-RSA-AES256-SHA
DHE-RSA-AES256-SHA
ECDHE-ECDSA-AES128-SHA
ECDHE-RSA-AES128-SHA
DHE-RSA-AES128-SHA
AES256-GCM-SHA384
AES128-GCM-SHA256
AES256-SHA256
AES128-SHA256
AES256-SHA
AES128-SHA
Notes:
RDP protocol implementation supports user authentication over RADIUS in challenge-response mode.
For RDP servers are supported NLA mode and TLS mode.
For RDP listeners, besides the standard security level, the Enhanced RDP Security with TLS option is supported.
In case the NLA option enabled, Fudo Enterprise requires NTLM protocol version 2 or newer. To properly handle NLA authentication connections, enable option to only send NTLMv2 response both on client and server side.
- Click Start > All Programs > Accessories > Run.
- Type
secpol.msc
in the Open input field and click OK. - Select Local Policies > Security Options and double-click Network Security: LAN Manager authentication level.
- Select Send NTLMv2 response only. Refuse LM & NTLM from the drop-down list.
- Click Apply.
- Fudo Enterprise verifies input language settings when negotiation connection and does not support dynamic language change on the login screen.
RemoteApp
Fudo natively supports RemoteApp connections over RDP protocol. Application windows are recorded the same way as RDP connections, enforcing all Fudo Enterprise security restrictions.
To monitor RemoteApp sessions, the connection must be launched through a *.rdp
configuration file with the Fudo Enterprise IP address and the port number defined.
Connections initiated over Remote Desktop Web Access can be monitored by Fudo only in Transparent/Gateway mode as the Remote Desktop Web Access can not provide Fudo IP address instead of original destination server.