Last updated on September 6, 2024
Overview of MFA for WatchGuard Firebox
Multi-Factor Authentication (MFA) for WatchGuard Firebox is an additional security measure that necessitates users to provide two types of authentication to gain access to WatchGuard products. The initial factor involves the user inputting their Active Directory / RADIUS username and password. After successfully completing this first factor, the user undergoes a second authentication step, which could be one of the available authentication methods such as Mobile Push or Email Link. Successful completion of both factors allows the user access to the resource. Activating Multi-Factor Authentication (MFA) for WatchGuard Firebox significantly increases the difficulty for hackers to access resources, even if they have acquired a user’s login details.
Rublon implements Multi-Factor Authentication in several ways. A range of WatchGuard products are supported. Continue reading to learn more about the supported products and Authentication Methods.
Known Limitations
Rublon’s Multi-Factor Authentication (MFA) for WatchGuard Mobile VPN does not support the following protocols:
- IKEv2: WatchGuard only allows the definition of a local user database on the firewall, with no option to configure other authentication sources like LDAP or RADIUS.
- L2TP: WatchGuard does not provide an option to define an external authentication source, such as LDAP or RADIUS, and only supports a local user database on the firewall.
These limitations are due to the restrictions within WatchGuard’s configuration for these specific protocols.
Before you start
Ensure you have a properly configured WatchGuard Firebox.
Configuration of MFA for WatchGuard Firebox
Rublon MFA for WatchGuard Firebox using RADIUS
Integrate your WatchGuard Firebox with Rublon using RADIUS to introduce Multi-Factor Authentication (MFA) to your WatchGuard Firebox logins, including logins using WatchGuard Mobile VPN via IPSec and SSL. You have to install and configure Rublon Authentication Proxy before configuring Rublon MFA for WatchGuard.
The following documentation describes enabling Rublon Multi-Factor Authentication for WatchGuard Firebox using LDAP.
Read the documentation for Rublon MFA for WatchGuard Firebox using RADIUS
Rublon MFA for WatchGuard Firebox using LDAP
Integrate your WatchGuard Firebox with Rublon using LDAP to introduce Multi-Factor Authentication (MFA) to your WatchGuard Firebox logins, including logins using WatchGuard Mobile VPN via IPSec and SSL. You have to install and configure Rublon Authentication Proxy before configuring Rublon MFA for WatchGuard.
The following documentation describes enabling Rublon Multi-Factor Authentication for WatchGuard Firebox using LDAP.
Read the documentation for Rublon MFA for WatchGuard Firebox using LDAP
Troubleshooting MFA for WatchGuard
If you encounter any issues with your Rublon integration, please contact Rublon Support.
