Lab Minutes Forum

Technical Discussion => Security => Topic started by: bberry on June 02, 2015, 09:10:14 AM

Title: Issues accessing system under ISE via Remote Desktop
Post by: bberry on June 02, 2015, 09:10:14 AM
Has anyone tried to use RDP (Remote Desktop) to a system that is also under ISE? Should it work? Does authentication and other things change when connecting through RDP to the system compared to being at the keyboard?

I have two users that have been under ISE for a couple of weeks now and have been working without any issues. They both tried to access their systems remotely over the weekend but ran into a small issue. They connect to the VPN just fine, but when they try to access their systems via RDP they get kicked out of the RDP session. If they try to reconnect via RDP they receive a message along the lines that the system is no longer part of the domain. When they come back into the office they log onto their system and they have also lost any other RDP sessions they may have had open to other systems as well.

One user is a system admin and normally has two or three other RDP sessions open to other systems to make it easier to manage the system. All these sessions were disconnected as well. It is almost as if when the RDP session kicked in ISE took the system completely off the network.

Brent

Title: Re: Issues accessing system under ISE via Remote Desktop
Post by: MC on June 05, 2015, 09:03:41 PM
RDP to a Windows machine is a known issue where the computer performs machine authentication instead of user authentication. So when you RDP and look at the auth session on the switch port, you will see the computer name instead of the username, and if you have the machine auth profile set up to be too restrictive, you may lose access to the network right after the RDP session connects. A workaround is to obviously 'permit all' traffic for successful machine auth, but that means you just relaxed your security policy, and you also will not be able to enforce differentiated user access during RDP since ISE will be authenticating the machine instead of the user.
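
Added example, not part of the thread or any poster's code: a small check that finds endpoints whose 802.1X identity changed from a user to a machine, which is the symptom described in the reply above. The event records, MAC addresses and names are constructed, and it assumes machine identities appear as `host/<name>` or end in `$`.

```python
from collections import namedtuple

# One authentication record per line of an exported auth log (format is an assumption).
Event = namedtuple("Event", "time mac identity")

def identity_kind(identity):
    """Classify an 802.1X identity string as 'machine' or 'user'."""
    name = identity.strip().lower()
    # Assumption: Windows supplicants send host/<fqdn> (or NAME$) for machine auth.
    if name.startswith("host/") or name.endswith("$"):
        return "machine"
    return "user"

def find_user_to_machine_flips(events):
    """Return (mac, time, old_identity, new_identity) for every endpoint whose
    most recent user authentication was replaced by a machine authentication."""
    last_seen = {}
    flips = []
    for ev in sorted(events, key=lambda e: e.time):  # ISO timestamps sort as text
        prev = last_seen.get(ev.mac)
        if (prev is not None
                and identity_kind(prev.identity) == "user"
                and identity_kind(ev.identity) == "machine"):
            flips.append((ev.mac, ev.time, prev.identity, ev.identity))
        last_seen[ev.mac] = ev
    return flips

# Constructed sample data: the first endpoint boots (machine auth), a user logs
# on at the console (user auth), then an RDP logon triggers machine auth again.
SAMPLE_EVENTS = [
    Event("2015-05-30T08:01:10", "00:11:22:33:44:55", "host/WS-ADMIN01.example.local"),
    Event("2015-05-30T08:05:42", "00:11:22:33:44:55", "EXAMPLE\\jdoe"),
    Event("2015-05-30T21:14:03", "00:11:22:33:44:55", "host/WS-ADMIN01.example.local"),
    Event("2015-05-30T08:02:00", "00:11:22:33:44:66", "host/WS-USER02.example.local"),
    Event("2015-05-30T08:10:00", "00:11:22:33:44:66", "asmith@example.local"),
]

if __name__ == "__main__":
    for mac, when, old, new in find_user_to_machine_flips(SAMPLE_EVENTS):
        print(f"{when} {mac}: {old} -> {new} (now subject to the machine-auth policy)")
```

Endpoints reported here are the ones that will fall under the machine authorization result while the remote session is active, so they show which hosts a restrictive machine profile would cut off.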