This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Highlighted
pwillekens
Employee
Employee
‎2020-03-24 03:46 AM

White Paper - RAS VPN with Azure and Microsoft Authenticator MFA

This is guide will describe the full setup configuration of a Azure MFA using the Microsoft Authenticator App in combination with an Active Directory on-premises synced with Azure Active Directory.

The scope is based on VPN remote access on premises that will be moved to Azure Cloud IaaS. The authentication is Active directory credentials in combination with Azure MFA.

 

For the full list of White Papers, go here

Preview file
4557 KB
Reply
10 Replies
Highlighted
SamiH
Contributor
‎2020-03-31 07:12 AM

After reading the paper, I think this works with local AD too, without Cloudguard or Azure AD? As it happens, I have a need to combine RADIUS MFA with Identity awareness. Currently we are using RADIUS MFA but the identities won't match AD users even though the used email addresses are the same as in AD accounts. 

0 Kudos
Reply
Highlighted
Jonathan
Contributor
‎2020-08-26 11:39 PM

Hi Sami,

Did you ever managed to apply this solution with on-premis AD and without Cloudguard?

0 Kudos
Reply
Highlighted
SamiH
Contributor
‎2020-08-26 11:49 PM

We actually have the older MS MFA component which can no longer be downloaded. The new one uses explicitly the Azure AD sync.

It works with the old one, which syncs user information locally to our on-prem MFA/NPS/Radius server - which in turn talks to Azure to send the authentication verification request to user. 

0 Kudos
Reply
Highlighted
Jonathan
Contributor
‎2020-08-27 12:36 AM

and do you use Cloudgard or regular on-premise VPN?

 

0 Kudos
Reply
Highlighted
SamiH
Contributor
‎2020-08-27 01:15 AM

Just regular on-premise vpn from Check Point gw's. I would assume it works with on-prem vpn with newer Azure MFA + AD sync to Azure, without Cloudguard still. 

Reply
Highlighted
pwillekens
Employee
Employee
‎2020-09-15 05:17 AM

It should wokr on both as long the initial Radius request is send to the NPS server

0 Kudos
Reply
Highlighted
pwillekens
Employee
Employee
‎2020-09-15 05:17 AM

sorry for the delay response, no i didn't apply this on premises. 

0 Kudos
Reply
Highlighted
Paul_Manalaysay
Explorer
‎2020-06-10 12:45 AM

Hello, does this guide also works on Mobile Access VPN? The Portal-based one?
0 Kudos
Reply
Highlighted
pwillekens
Employee
Employee
‎2020-06-10 12:48 AM

Hi Paul,

I didn't set it up for mobile Acces, but it should work as the procedure is the same.
0 Kudos
Reply
Highlighted
Paul_Manalaysay
Explorer
‎2020-06-10 08:48 PM

Thanks a lot!
0 Kudos
Reply