Configure VPNs and other devices to work with Portnox Cloud
In this topic, you will learn how to configure a generic VPN device to work together with Portnox™ Cloud and 802.1X RADIUS authentication for VPN connections. You can use a similar configuration for other types of NAS devices such as firewalls.
If your manufacturer or device is not listed in the left-hand side menu, here are general instructions for configuring most VPN solutions for 802.1X with Portnox Cloud RADIUS servers.
- In the VPN web interface, navigate to the RADIUS server configuration section.
Refer to your solution’s manual for exact steps to navigate to the RADIUS server configuration section.
- Configure the RADIUS server settings.
Enter the IP address, ports, and shared secret as configured when you created the cloud RADIUS servers.
Note: In some solutions, you may not need to provide the accounting port, and in some solutions, you may be able to provide more than one RADIUS server, including the local RADIUS server, if required.
- Set the RADIUS timeout to 30 seconds or more.
If the solution does not allow you to set the timeout to 30 seconds, set it to the maximum allowed value.
- Configure VPN-specific settings.
Here are some other options that you may come across when configuring the VPN.
- Configure client authentication to use the MS-CHAP v2 protocol.
- Select the VPN type (e.g., L2TP, SSL).
- Select the virtual IP address pool for the VPN clients.
- Configure IPSec settings with pre-shared keys and encryption methods.
- Configure authentication profiles for VPN access.
- Create and configure user groups and associate them with RADIUS servers.
- Configure connection profiles with appropriate authentication and access settings.
- Set authentication overrides to streamline user access.
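
Why the shared secret entered in the RADIUS server settings must match exactly on both sides, shown as an added example (not Portnox code): the secret keys the RADIUS Message-Authenticator and Response Authenticator (RFC 2865, RFC 2869), and a packet that fails either check is silently discarded, so a mistyped secret typically looks like a timeout rather than a reject. The secrets and user name are constructed placeholders, and credential attributes such as MS-CHAP v2 are omitted.

```python
import hashlib
import hmac
import os
import struct

ACCESS_REQUEST, ACCESS_ACCEPT = 1, 2
USER_NAME, MESSAGE_AUTHENTICATOR = 1, 80


def attr(attr_type: int, value: bytes) -> bytes:
    """Encode one RADIUS attribute as Type, Length, Value (RFC 2865)."""
    return struct.pack("!BB", attr_type, len(value) + 2) + value


def build_access_request(ident: int, username: str, secret: bytes) -> bytes:
    """NAS side: request with User-Name and Message-Authenticator only."""
    request_auth = os.urandom(16)
    attrs = attr(USER_NAME, username.encode()) + attr(MESSAGE_AUTHENTICATOR, bytes(16))
    header = struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs)) + request_auth
    # HMAC-MD5 over the whole packet with the attribute value zeroed (RFC 2869).
    mac = hmac.new(secret, header + attrs, hashlib.md5).digest()
    return header + attrs[:-16] + mac


def request_mac_valid(packet: bytes, secret: bytes) -> bool:
    """Server side: recompute the Message-Authenticator (last attribute here)."""
    zeroed = packet[:-16] + bytes(16)
    expected = hmac.new(secret, zeroed, hashlib.md5).digest()
    return hmac.compare_digest(expected, packet[-16:])


def sign_response(code: int, request: bytes, attrs: bytes, secret: bytes) -> bytes:
    """Server side: MD5(Code + ID + Length + RequestAuth + Attributes + Secret)."""
    header = struct.pack("!BBH", code, request[1], 20 + len(attrs))
    digest = hashlib.md5(header + request[4:20] + attrs + secret).digest()
    return header + digest + attrs


def response_valid(response: bytes, request: bytes, secret: bytes) -> bool:
    """NAS side: a reply that fails this check is silently discarded."""
    expected = hashlib.md5(response[:4] + request[4:20] + response[20:] + secret).digest()
    return hmac.compare_digest(expected, response[4:20])


CLOUD_SECRET = b"constructed-shared-secret"  # constructed placeholder
request = build_access_request(1, "alice@example.com", CLOUD_SECRET)
reply = sign_response(ACCESS_ACCEPT, request, b"", CLOUD_SECRET)
for label, s in (("matching", CLOUD_SECRET), ("mistyped", b"mistyped-secret")):
    print(label, request_mac_valid(request, s), response_valid(reply, request, s))
```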