Firebox - Radius with MS Auth
I have been a user of WG fireboxes for years, been great.
At present I have 75 users VPN into the Firebox with a local user / password on the firebox to secure a VPN connection the thier AD stats thereafter.
This has grown 10 fold with everyone working from home (at this time).
We have a 2019 AD and Office 365 with MFA across 200 users (75 only have VPN access). We sync our AD with azure, All great.
What I would like to do (looking at this from the users experience) is:
- Move away from the Firebox user/pass and move to a Windows Radius solution using Server2019
- Integrate the Firebox into the Windows Radius server (seems easy enough) and then have the Raduis box integrate with Azure MFA - very much like Office 365 currently does.
Users will then only have their AD account & password & MFA - a process they are all familiar with and takes a load of the IT guy. (forgot password, or which one AD or the other? common questions)
Alternatively, I could use AD (user, pass and MFA) without radius.
Would that be an option?
Also I want to keep the Firebox user/pass so I can run it inconjunction while I roll out the new solution. We have users all over the world and many will need hand holding (they are not IT savvy people at all).
Just trying to stream line the user experience and want the "tech" to help.
Any suggestions would be stellar.