Page created: 3 Jun 2020
|
Page updated: 9 Dec 2020
Configure Juniper VPN to work with PingID multi-factor authentication (MFA).
Configuring Juniper for MFA involves the following tasks:
The following video describes the Juniper VPN configuration process.
How it works
The following image represents a general flow. The actual configuration varies depending on your organizational infrastructure considerations and policies.
Processing steps
- When a user opens their Juniper IPSec or SSL VPN sign-in window and enters a username and password, their details are sent to the RADIUS Server on PingFederate through the VPN RADIUS client.
- PingFederate authenticates the user’s credentials with the LDAP Server as first-factor authentication.
- Upon LDAP authentication approval, the RADIUS server initiates second-factor authentication with PingID.
- The RADIUS server returns a response to the Juniper VPN. If authentication is denied or an error occurs, the user's VPN window displays an error message.