RADIUS-Compliant Two Factor Authentication

(Feature Available only in Premium Edition)

Overview

You can integrate RADIUS server or any RADIUS Compliant two Factor Authentication system (like Vasco Digipass) with PMP for the second factor authentication.

 

Following is the sequence of events involved in using RADIUS-based authentication system as the second factor:

 

Steps to leverage any RADIUS based authentication as the second factor has been explained below.

 

Enabling RADIUS Authenticator

Summary of Steps

  1. Setting up two factor authentication in PMP

  2. Enforcing two factor authentication for required users in PMP

Step 1: Setting up Two Factor Authentication in PMP

The first step is to enable two factor authentication. To do that,



  1. Go to "Admin" tab and click "Two Factor Authentication"

  2. Choose the option "RADIUS Authenticator"

  3. In the UI that opens, provide the following details:

  4. Click "Save"

 

Step 2: Enforcing Two Factor Authentication for Required Users

 

In step 1 above, you have chosen Google Authenticator as the option for two factor authentication. After choosing this option, you need to apply two factor authentication for the required users. You can do this from the GUI that pops-up upon clicking "Save' button in step 1 above. Alternatively, you can do this as explained below:

 

To enforce two factor authentication for a user,

 

How to connect to PMP Web-Interface when TFA through RADIUS Authenticator is Enabled?

Connecting PMP Web-Interface

The users for whom two factor authentication is enabled, will have to authenticate twice successively. As explained above, the first level of authentication will be through the usual authentication. That is, the users have to authenticate through PMP's local authentication or AD/LDAP authentication.

 

When TFA is enabled, the login screen will ask for the username alone in the first UI. The users will be prompted to enter the passwords only in the second step.

 

TFA using RADIUS Authenticator - Workflow

 

If the administrator has chosen TFA throgh RADIUS Authenticator, the two factor authentication will happen as detailed below:

 

 

 

In the next screen, you will be prompted to enter the RADIUS code:



© 2014, ZOHO Corp. All Rights Reserved.