Configuring Juniper for PingID multi-factor authentication

Page created: 3 Jun 2020 |

Page updated: 9 Dec 2020

| 1 min read

PingId Product

Configure Juniper VPN to work with PingID multi-factor authentication (MFA).

Configuring Juniper for MFA involves the following tasks:

The following video describes the Juniper VPN configuration process.

How it works

The following image represents a general flow. The actual configuration varies depending on your organizational infrastructure considerations and policies.

A flow showing the relationship between Juniper VPN, the RADIUS server, and PingID.

Processing steps

When a user opens their Juniper IPSec or SSL VPN sign-in window and enters a username and password, their details are sent to the RADIUS Server on PingFederate through the VPN RADIUS client.
PingFederate authenticates the user’s credentials with the LDAP Server as first-factor authentication.
Upon LDAP authentication approval, the RADIUS server initiates second-factor authentication with PingID.
The RADIUS server returns a response to the Juniper VPN. If authentication is denied or an error occurs, the user's VPN window displays an error message.

Configuring Juniper for PingID multi-factor authentication - PingID

PingID Administration Guide

How it works

Processing steps