Basic Authpoint Guidance

sjonesin1

I'm going to go ahead and put myself out there...I have churned through lots of documentation and various steps to get a test authpoint environment set up, but became a bit overwhelmed with multiple cloud set up(s), phone setups, Firewall setups, radius setups, etc.

The vast majority of my clients:
1. Use sslvpn integrated with on-premise AD for authentication
2. All I need is an MFA prompt for users when OUT of the office connecting via VPN
3. Can someone give me the basic outline/components I'll need? I'm happy to read the docs and such, and if it's complex, I'll just have to deal with it! haha!

thanks in advance,

steve

james.carson

Hi @sjonesin1
The following integration guide covers SSLVPN with AuthPoint, and is likely what you're looking for:
https://www.watchguard.com/help/docs/help-center/en-US/Content/Integration-Guides/AuthPoint/firebox-ssl-vpn-radius_authpoint.html

1 and 2. You can set up "Network Locations" -- they're in step 7 of this page:
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/authpoint/authpoint_deployment-guide.html
Users will always log into AuthPoint, which checks their authentication against AD. If their location matches the one set, they are allowed to authenticate without the second factor.

3. You'll need to follow the guide in the first link and then set up network locations in the second link. Make sure the first part is working before you set up the second, so you're not trying to troubleshoot two things at once if something isn't working.

sjonesin1

thanks james. I'll parse through this in the next week or so and may post back here if I get bogged down.

thanks!