freerdp-proxy - Man Page

[-h] [--help] [--buildconfig] [--dump-config <config file>] [-v] [--version] [<config file>]

can be used to proxy a RDP connection between a target server and connecting clients. Possible usage scenarios are:

Proxying

Connect outdated/insecure RDP servers from behind a (more secure) proxy

Analysis

Allow detailed protocol analysis of (many) unknown protocol features (channels)

Inspection

MITM proxy for session inspection and recording

-h,--help

Display a help text explaining usage.

--buildconfig

Print the build configuration of the proxy and exit.

-v,--version

Print the version of the proxy and exit.

--dump-config

Dump a template configuration to <config-ini-file>

<config-ini-file>

Start the proxy with settings read from <config-ini-file>

The proxy does not support authentication out of the box but acts simply as intermediary. Only RDP and TLS security modes are supported, NLA will fail for connections to the proxy. To implement authentication a proxy-module can be implemented that can authenticate against some backend and map connecting users and credentials to target server users and credentials.

/some/config/file

--dump-config /some/config/file

1. generate certificates for proxy

winpr-makecert -rdp -path . proxy

2. generate proxy configuration

--dump-config proxy.ini

3. edit configurartion and:

 * provide (preferrably absolute) paths for CertificateFile and PrivateKeyFile generated previously
 * remove the CertificateContents and PrivateKeyContents
 * Adjust the [Server] settings Host and Port to bind a specific port on a network interface
 * Adjust the [Target] Host and Port settings to the RDP target server
 * Adjust (or remove if unuse) the Plugins settings

3. start proxy server

proxy.ini

0

Successful program execution.

1

Otherwise.

wlog(7)

FreeRDP <team@freerdp.com>