• Skip to primary navigation
  • Skip to main content
  • Skip to footer

Company · Blog · Newsletter · Events · Partner Program

Downloads Support
  • English
    • Polski
Login
Rublon

Rublon

Secure Remote Access

  • Product
    • Regulatory Compliance
    • Use Cases
    • Rublon Reviews
    • Deployment Model
    • What is MFA?
    • User Experience
    • Authentication Methods
    • Rublon Authenticator
    • Rublon App Shield
    • Rublon Identity Bridge
    • Remembered Devices
    • Logs
    • Single Sign-On
    • Access Policies
    • Directory Sync
  • Solutions
    • MFA for Remote Desktop
    • MFA for Remote Access Software
    • MFA for Windows Logon
    • MFA for Linux
    • MFA for On-Premise Active Directory
    • MFA for LDAP
    • MFA for RADIUS
    • MFA for SAML
    • MFA for RemoteApp
    • MFA for Workgroup Accounts
    • MFA for Entra ID
    • MFA for Windows Server Core
  • Customers
  • Industries
    • Financial Services
    • Investment Funds
    • Retail
    • E-Commerce
    • Technology
    • Healthcare
    • Legal
    • Education
    • Government
    • Utilities
    • Manufacturing
  • Pricing
  • Docs
Contact us Free Trial

Enable Microsoft Entra ID VPN Logins Over RADIUS With MFA

Enable VPN users to sign in with Microsoft Entra ID credentials even when your VPN, firewall, or remote access gateway only supports RADIUS. With Rublon Authentication Proxy, you can connect RADIUS-based VPN access to Microsoft Entra ID for primary authentication and add Rublon MFA before access is granted.

Scenario

Your organization uses Microsoft Entra ID as the central identity platform, but your VPN, firewall, or remote access gateway still authenticates users through RADIUS. Users already sign in to cloud services with Microsoft Entra ID credentials, but remote access still depends on legacy authentication infrastructure.

This is common in environments where VPN appliances, firewalls, and remote access systems support RADIUS broadly, but do not provide a direct practical Microsoft Entra ID integration through SAML, OAuth 2.0, or OpenID Connect.

Challenge

Many VPN deployments still rely on RADIUS servers backed by local Active Directory for primary authentication. This creates a problem for organizations moving toward an Entra-first or Entra-only identity strategy.

You may want users to sign in to VPN with Microsoft Entra ID credentials, but the VPN system expects a RADIUS server. At the same time, keeping local Active Directory, domain controllers, Microsoft NPS, and related infrastructure only for VPN authentication increases operational overhead and slows down Active Directory decommissioning projects.

Solution

Rublon Authentication Proxy acts as the RADIUS endpoint for your VPN or firewall and uses Microsoft Entra ID as the primary authentication source.

The VPN sends the RADIUS authentication request to Rublon Authentication Proxy. Rublon Authentication Proxy verifies the user’s primary credentials against Microsoft Entra ID and then enforces Rublon MFA before VPN access is granted.

This allows VPN users to authenticate with Microsoft Entra ID credentials while keeping the VPN configuration based on RADIUS. The protected VPN does not need to support Microsoft Entra ID natively.

Benefits

  • Enable VPN access with Microsoft Entra ID credentials over RADIUS.
  • Add Rublon MFA before remote access is granted.
  • Reduce dependency on local Active Directory for VPN authentication.
  • Keep RADIUS-based VPN and firewall configurations working.
  • Support Entra-first and Entra-only identity strategies.
  • Avoid keeping Microsoft NPS and domain controllers only for RADIUS-based VPN authentication.
  • Protect VPN access even when the VPN appliance does not support SAML, OAuth 2.0, or OpenID Connect natively.

Take Action Now

Contact Sales  Free Trial  More Use Cases
Try Rublon MFA for Free
Start your 30-day Rublon MFA Trial to secure your employees using multi-factor authentication.
No Credit Card Required
Rublon 5 star reviews on Gartner Peer Insights

Footer

Product

  • Regulatory Compliance
  • Rublon Reviews
  • Use Cases
  • Deployment Model
  • What is MFA?
  • User Experience
  • Authentication Methods
  • Rublon Authenticator
  • Rublon App Shield
  • Rublon Identity Bridge
  • Remembered Devices
  • Logs
  • Single Sign-On
  • Access Policies
  • Directory Sync

Solutions

  • MFA for Remote Desktop
  • MFA for Windows Logon
  • MFA for Remote Access Software
  • MFA for Linux
  • MFA for On-Premise Active Directory
  • MFA for LDAP
  • MFA for RADIUS
  • MFA for SAML
  • MFA for RemoteApp
  • MFA for Workgroup Accounts
  • MFA for Entra ID
  • MFA for Windows Server Core

Industries

  • Financial Services
  • Investment Funds
  • Retail
  • E-Commerce
  • Technology
  • Healthcare
  • Legal
  • Education
  • Government
  • Utilities
  • Manufacturing

Documentation

  • 2FA for Windows & RDP
  • 2FA for RDS
  • 2FA for RD Gateway
  • 2FA for RD Web Access
  • 2FA for SSH
  • 2FA for OpenVPN
  • 2FA for SonicWall VPN
  • 2FA for Cisco VPN
  • 2FA for Office 365

Support

  • Knowledge Base
  • FAQ
  • System Status

About

  • About Us
  • AI Info
  • Blog
  • Events
  • Careers
  • Co-funded by the European Union
  • Contact Us

  • Facebook
  • GitHub
  • LinkedIn
  • Twitter
  • YouTube

© 2026 Rublon · Imprint · Legal & Privacy · Security