• State Not Answered
  • Replies 1 reply
  • Subscribers 28 subscribers
  • Views 117 views
  • Users 0 members are here
Options
Related

RDS Policy issue on jumphost

el romeo
2 months ago

Hi there,

I'm reaching out to seek support for configuring Safeguard. Currently, in our setup on SPS:

  1. We have a scenario where access to 2 jumphosts is possible via RDP. In the "safeguard_default" channel policy, we have enabled copy-paste.

  2. Now, we need to add a new scenario where accessing an application on these 2 jumphosts is possible, but without the rights to copy-paste files between local and remote machines. We've added a  new connection  with a channel policy excluding the clipboard.

On SPP, we've specified the clipboard-excluded channel policy in entitlement > access request policies > security. However, we're not observing the expected behavior:

  • If we set the connection without clipboard as the primary one, we can't use the clipboard for either the app or RDP access.
  • If the first connection allows clipboard, we can use file copy-paste for both cases.

The issue arises because we're unsure about what to specify in the address range on SPS in the Connections section, as these addresses coincide (since the app resides on the jumphosts). We're using the SPP-initiated flow.

Could you help us?

Thank you,

Elena

  • 0 2 months ago

    Hi Elena,

    I don't think it would be possible to enable AND disable Clipboard to the same RDP host based on the application used inside the RDP host at the same time, this use case seem to have conflicting requirements because the copy \ paste into the target host via RDP can either be enabled or disabled and it is not specific to which application runs inside the RDP host right? Unless I misunderstood the question, please feel free to clarify.

    Thanks!