Read the enrollment documentation to learn more. You'll need to create your users in Duo ahead of time using one of our other enrollment methods, like directory sync or CSV import. This configuration doesn't support inline self-service enrollment. If you have enabled the "Validate server certificate" option on your NetMotion Mobility clients, then you must use a certificate issued by a CA that your Mobility client systems trust. ![]() If you'd like to use a self-signed certificate, you can create one using OpenSSL following the example instructions here. The certificate can be issued by a trusted certificate authority (CA) or self-signed. The key file must not be encrypted nor can it require a password for use. You will need a certificate and corresponding key file when configuring the Duo Authentication Proxy. ![]() If using RADIUS as the primary authenticator with NetMotion EAP, the RADIUS server must permit use of PAP encryption. If you are not using Active Directory and do not have a RADIUS server that supports EAP you must deploy one (for example, Microsoft Network Policy Server or FreeRADIUS) before using Duo authentication. OverviewÄuo two-factor authentication for NetMotion supports using the EAP (PEAP-GTC) mechanism against a RADIUS server using Duo's Authentication Proxy radius_client primary authentication or against an Active Directory domain controller using ad_client primary authentication. Duo integrates with your NetMotion Mobility VPN software to add two-factor authentication to any VPN login.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |