We are happy to announce that AuthPoint Gateway v5.3.1 was just launched, adding support for RADIUS MSCHAPv2 authentications to Active Directory. This means that you can now create IKEv2 VPNs, authenticating users to Active Directory, using AuthPoint as your MFA solution.
Why IKEv2?
- IKEv2 is the most secure VPN option available today
- It is natively available on Windows, macOS, and iOS, and it is easily used among Android users with apps such as StrongSwan
- For Firebox customers, being IPSec-based, IKEv2 can take advantage of crypto acceleration available on Firebox appliances, providing better performance than SSL or L2TP
You can take a look at the basic configuration needed at:
It’s important to notice that IKEv2/MSCHAPv2 multi-factor authentication will only work with push-based authentication. Time-based OTPs cannot be used, since the typed in password plus OTP would be hashed together, so AuthPoint wouldn’t be able to retrieve the OTP part from the password.
Coming soon: Microsoft NPS integration guide with all the configuration steps required for MSCHAPv2 authentication.
Thanks for all that participated in our Beta Program!