Page created: 3 Jun 2020 |
Page updated: 30 Aug 2022
Before you begin, complete the following tasks:
- Your organization has installed and configured PingFederate. For more information, see Installation.
- PingFederate is configured with an LDAP Password Credential Validator (PCV). For more information, see Managing Password Credential Validator instances.
- You have administrator credentials for the PingFederate administrative console.
- Your VPN is configured to use the Password Authentication Protocol (PAP), MS-CHAP
v2, or MS-CHAP v2 (EAP).Note:
CHAP is not supported by PingFederate RADIUS server.
- To apply PingID policy features that require IP address information, the client IP
address must be provided. The client IP must be sent using the RADIUS attribute
66:Tunnel-Client-Endpoint. For more information, see Configuring a VPN and SSH access policy.Note:
If the client IP attribute is not included:
- IP-based policies will not work.
- Entries in the PingOne report IP address field will show a value of N/A.
Integration for devices using a RADIUS server is a two stage process
The first stage consists of installing the PingID integration kit for VPN and then configuring the RADIUS server on PingFederate. See Installing the PingID Integration Kit for VPN and Configuring a RADIUS server on PingFederate. You should also look at PingID RADIUS PCV parameters reference guide.
The second stage is configuration of your VPN device. Currently supported devices are covered as follows: