- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Using my Client VPN, can I integrate Google Authenticator as a 2FA
Hi,
For our Client VPN, we are checking the possibility of integrating Google or Microsoft Authenticator as a 2FA. Do we have any other options aside from Duo?
Solved! Go to solution.
- Labels:
-
Client VPN
-
Other
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If you use Microsoft NPS with the NPS extension then you can use Microsoft MFA. It's a lot of messing about. It has poor logging and diagnostics. It tends to break about once a year and you have to randomly do things (because of a lack of logs and diagnostics) to get it going again. If you have access to free labour then this is an attractive option.
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-nps-extension
Cisco Duo requires that you install the authentication proxy which provides RADIUS, and can back directly into Active Directory. It has lots of logs so you can see what's happening. You'll probably have it going in 30 minutes (once you have all your users enrolled), and never need to touch it again.
https://duo.com/docs/meraki-radius
Note that both solutions require you to use "push" notifications, so the users must install the relevant app on the mobile device.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@D2Flores : check this article and scroll down at the end you will see google there
https://documentation.meraki.com/General_Administration/Other_Topics/Two-Factor_Authentication
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If you use Microsoft NPS with the NPS extension then you can use Microsoft MFA. It's a lot of messing about. It has poor logging and diagnostics. It tends to break about once a year and you have to randomly do things (because of a lack of logs and diagnostics) to get it going again. If you have access to free labour then this is an attractive option.
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-nps-extension
Cisco Duo requires that you install the authentication proxy which provides RADIUS, and can back directly into Active Directory. It has lots of logs so you can see what's happening. You'll probably have it going in 30 minutes (once you have all your users enrolled), and never need to touch it again.
https://duo.com/docs/meraki-radius
Note that both solutions require you to use "push" notifications, so the users must install the relevant app on the mobile device.
