AnsweredAssumed Answered

remote client VPN authentication with Certificate

Question asked by ovidiu catrina on Mar 27, 2018
Latest reply on Oct 16, 2018 by Shahar Grober



at the moment we have the standard remote vpn for our users with office mode, authentication done through LDAP and MFA, which works perfectly, no complaints here until so far



but i want to start implement certificate based authentication on the remote vpn clients.


the CA is internal, our Active Directory will issue the certificates for the users.


i have an NPS server(RADIUS), policy is created, although could be wrongly configured.


i have the RADIUS server defined on the management.


but i am missing 2 steps :

   1st : how do i enforce/allow users to user to use the certificate to authenticate.

   2nd : could someone provide some step-by-step or a policy configuration for the NPs server



at the moment i have this : 


and of course the firewalls defined as clients on the radius server.