Last updated on August 27, 2024
Overview
Rublon adds Two-Factor Authentication (2FA) and Multi-Factor Authentication (MFA) to any application that supports the Remote Authentication Dial-In User Service (RADIUS). All generic applications that support RADIUS applications can be integrated with Rublon MFA using the Rublon Authentication Proxy. The Auth Proxy acts as an intermediary between your RADIUS-compatible applications and Rublon, ensuring that all authentication requests are secured with an additional layer of authentication.
The Rublon Authentication Proxy handles the RADIUS authentication requests and forwards them to your existing RADIUS server. This integration does not require storing user credentials within Rublon, as the Auth Proxy simply communicates with your RADIUS server to verify user credentials.
Before You Start
- Check the list of described Rublon Authentication Proxy integrations. Chances are, your application is already there. In that case, follow the instructions for that particular integration instead of this generic documentation for more detailed steps and screenshots.
- Ensure the Rublon Authentication Proxy is installed and configured within your network. This is a crucial step to enable MFA for your RADIUS-based applications.
Configuration
Follow these steps to enable Rublon MFA for your generic RADIUS service provider.
Rublon Authentication Proxy
1. Install the Rublon Authentication Proxy. (See: Rublon Authentication Proxy: Installation)
2. Configure RADIUS authentication in the Auth Proxy configuration file, allowing the Rublon Authentication Proxy to communicate with your RADIUS directory service. This includes setting up a radius_secret as well as other RADIUS proxy server settings and RADIUS source settings. (See: Rublon Authentication Proxy: Configuration)
4. (Optional) Read about the RADIUS authentication modes available in the Rublon Authentication Proxy and select the mode you want to use. The standard mode should be enough for most purposes. (See: Rublon Authentication Proxy RADIUS Modes Explained)
5. After making the necessary changes, save the configuration file and restart the Rublon Authentication Proxy to apply the new settings.
RADIUS Application
1. Now that you set up the Authentication Proxy for your RADIUS directory service, you must integrate the Auth Proxy with your RADIUS application.
2. Log in to the administrator panel of your RADIUS application and locate the RADIUS configuration section. Configure your RADIUS service provider to route all user authentication requests through the Rublon Authentication Proxy. This setup ensures that MFA is enforced for every login attempt. While the names of tabs, options, and values may slightly differ from one application to another, the general idea behind the configuration is always the same.
3. Ensure that the RADIUS server can communicate with the Rublon Authentication Proxy and that authentication requests are being forwarded correctly.
Log in to Your Generic RADIUS Application With Rublon MFA
After configuring the Rublon Authentication Proxy and your RADIUS-integrated application, it is time to test your setup. The example below portrays logging into a generic RADIUS application.
1. Initiate login to your application. You usually use a VPN client or your web browser for that.
2. Enter the login and password and complete the second factor such as Mobile Push, Email Link, YubiKey OTP, or SMS Link.
Troubleshooting
If you encounter any issues with your Rublon integration, please contact Rublon Support.
Related Posts
Rublon Authentication Proxy – List of Documented Integrations
Rublon Authentication Proxy: Installation
Rublon Authentication Proxy RADIUS Modes Explained
Rublon Use Guide – Append Mode
