Windows RADIUS proxy

Enterprise Connect brings the capability for a remote authentication dial-up service (RADIUS) proxy to be installed on a Windows machine via the RADIUS protocol.

The RADIUS proxy changes the local RADIUS call to a secured REST API call, allowing local RADIUS clients to connect to ForgeRock for authentication. In turn, the capability to use MFA is provided, allowing tools, such as a virtual private network (VPN), to be enhanced.

Install Windows RADIUS proxy

Install and configure the Windows RADIUS proxy on a Windows machine(s).

Configure Linux SSH to use Windows RADIUS proxy for MFA

Post installation of the Windows RADIUS proxy on a Windows machine(s), explore the use case of setting up MFA on SSH login with Linux machines.

The ForgeRock integration supports the following authentication methods via PAP (password authentication protocol):

Push notifications (this is the preferred and recommended method) via the ForgeRock Authenticator application.
Time-based one-time passcodes (TOTP/OATH) via the ForgeRock Authenticator application.
Simple username and password credentials.

The subsections serve as the basis for installing the RADIUS proxy on a Windows machine.