SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.

Windows Remote Desktop and WAP

Hi everyone, im looking for some advice on Windows Remote Desktop, RSA Auth Manager and MS WAP server. 

I'm currently building a new solution which looks like below. (see attachment) 

My plan is to install the Authentication Agent 7.4 on the session hosts and use the GPO templates from RSA. 

 I would like for my internal users not be challenged each time they log on. 

Can anyone suggest an easier way to achieve 2FA on the external client devices?

Labels (1)
2 Replies
Respected Contributor
Respected Contributor

Hello Mike,


You can simply specify which users to challenge from the GPO template, just create a user group for your external users and mention it in the GPO template.


Follow the RSA Authentication Agent 7.4 for Microsoft Windows Group Policy Object Template Guide


Thanks, i'll have a read.

I have a handful of internal users who won't have RSA tokens and I don't want them to be able to access the externally but still able to access the environment internally. Is this possible?