Product and Support News

Mar
13

AuthPoint Support for MSCHAPv2 / IKEv2 VPNs Is Now Available!

Profile picture for user acagnoni
Categories:

We are happy to announce that AuthPoint Gateway v5.3.1 was just launched, adding support for RADIUS MSCHAPv2 authentications to Active Directory. This means that you can now create IKEv2 VPNs, authenticating users to Active Directory, using AuthPoint as your MFA solution.

Why IKEv2?

  • IKEv2 is the most secure VPN option available today
  • It is natively available on Windows, macOS, and iOS, and it is easily used among Android users with apps such as StrongSwan
  • For Firebox customers, being IPSec-based, IKEv2 can take advantage of crypto acceleration available on Firebox appliances, providing better performance than SSL or L2TP

You can take a look at the basic configuration needed at:

https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/authpoint/resources_radius.html

And here you can find the integration guide with Firebox, including Microsoft NPS configuration:

https://www.watchguard.com/help/docs/help-center/en-US/Content/Integration-Guides/AuthPoint/firebox-ikev2-vpn-radius_authpoint.html

It’s important to notice that IKEv2/MSCHAPv2 multi-factor authentication will only work with push-based authentication. Time-based OTPs cannot be used, since the typed in password plus OTP would be hashed together, so AuthPoint wouldn’t be able to retrieve the OTP part from the password.

Thanks for all that participated in our Beta Program!

 

Browse by Category


 

EMAIL UPDATES

Sign up to get the latest product news, updates, and support alerts from WatchGuard.

Subscribe

 

Resources


Beta Program

Resource Center

End of Life Info

Product Certifications

Product & Support News

Secplicity

"The 443" Podcast

 

Keep in Touch


  Subscribe by Email

  Subscribe by RSS

   Facebook

  LinkedIn

  Twitter

  YouTube