+1 978 658 9387    Login  
Hello there!

Need Help? We are right here!

Support Icon
miniOrange Email Support
success

Thanks for your Enquiry. Our team will soon reach out to you.

If you don't hear from us within 24 hours, please feel free to send a follow-up email to info@xecurify.com

Search Results:

×
  • IAM
  • Radius MFA using MSCHAPv2 protocol

Radius MFA using MSCHAPv2 protocol

This is a step by step guide to configure Radius MFA using MSCHAPv2 protocol.


Radius Server Authentication Flow

Radius Server Authentication Flow


Configuration Steps

1. Add NPS as External Directory

  • Go to External Directories and Click on Add Directory button
  • Go to RADIUS tab
  • Configure the below details to add NPS as RADIUS Server:
    • Server Name - Any name for your reference.
    • Server Host - Public IP address of the NPS Server.
    • Server Port - The Port on which NPS listens to the RADIUS requests. (It is generally 1812)
    • Shared Secret
  • After configuring the given above details, Click on Save.
    • Radius MFA using MSCHAPv2 protocol

2. Configure RADIUS App in miniOrange

  • Edit the previously created RADIUS application.
  • Go to Advanced Settings.
  • Select the Server Name which you chose in the previous step as the Primary Identity Provider.
    • Radius MFA using MSCHAPv2 protocol

3. Configure NPS Server

a. Configure New RADIUS Client

  • Add a friendly name for your reference.
  • Add radius.xecurify.com in the Address field.
  • Type the Shared Secret which you have configured earlier in miniOrange.
    • Radius MFA using MSCHAPv2 protocol

b. Configure a Connection Request Policy

  • Give a policy name for your reference, set Type of Network Access Server as Remote Access Server and then click on Next.
    • Radius MFA using MSCHAPv2 protocol

  • Add condition for NAS Port Type with value as Virtual(VPN) OR Wireless - IEEE 802.11 OR Wireless - Other then click Next.
    • Radius MFA using MSCHAPv2 protocol

  • Check Authenticate requests on this server and click Next.
    • Radius MFA using MSCHAPv2 protocol

  • Check Override network policy authentication settings and Microsoft Encrypted Authentication version 2 (MS-CHAP-v2) as authentication method, then click Next.
    • Radius MFA using MSCHAPv2 protocol

  • Click next on this screen without changing anything.
    • Radius MFA using MSCHAPv2 protocol

  • Verify the settings which you have configured and then click on Finish.
    • Radius MFA using MSCHAPv2 protocol

c. Configure Network Policy

  • Give a policy name for your reference, set Type of Network Access Server as Remote Access Server and then click on Next.
    • Radius MFA using MSCHAPv2 protocol

  • Add condition for NAS Port Type with value as Virtual(VPN) OR Wireless - IEEE 802.11 OR Wireless - Other then click Next.
    • Radius MFA using MSCHAPv2 protocol

  • Check Access Granted and click on Next.
    • Radius MFA using MSCHAPv2 protocol

  • Check Microsoft Encrypted Authentication version 2 (MS-CHAP-v2) as authentication method, then click Next.
    • Radius MFA using MSCHAPv2 protocol

  • Click next on this screen without changing anything.
    • Radius MFA using MSCHAPv2 protocol

  • Click next on this screen without changing anything.
    • Radius MFA using MSCHAPv2 protocol

  • Verify the settings which you have configured and then click on Finish.
    • Radius MFA using MSCHAPv2 protocol

Want To Schedule A Demo?

Request a Demo
  



Our Other Identity & Access Management Products

Single Sign-On

Seamless login for workforce and customer identity to cloud or on-premise apps

Learn more

Multi-factor Authentication

Secure access for identities with an additional layer of authentication

Learn more

Adaptive Authentication

Block or grant user access based on IP, Device, Time & Location

Learn more

Lifecycle Management

Manage & automate user provisioning and deprovisioning to apps

Learn More