An Overview of How to Integrate 2FA in a VPN Gateway with iDaaS and Active Directory

Prerequisites

Before you begin, make sure:

Procedure

  1. Enable iDaaS and integrate with Active Directory
  2. Sync up the Active Directory account to iDaaS
  3. Configure VPN Gateway with SSLVPN and enable 2FA with iDaaS
  4. Verify the results

Enable iDaaS and Integrate It with the Active Directory

Follow these steps to enable iDaaS in the iDaaS console and integrate it with Active Directory:

  • Set the LDAP Base, LDAP Account, and LDAP account password to the values of AD
  • Set the Filter Condition to (sAMAccountName=$username$)
  • Select Update iDaaS Password to update the LDAP password in iDaaS

Sync up the Active Directory Account to iDaaS

1. Navigate to Organizations and Groups under Users, click Configure LDAP, and then click Create on the right side to configure the LDAP settings:

  • Set the LDAP Base DN, Administrator DN, and password to the values of AD
  • Select Windows AD

Configure the VPN Gateway with SSLVPN and Enable 2FA with iDaaS

1. Log on to the Alibaba Cloud VPN Gateway console and click Create VPN Gateway:

Verify the Results

1. Download and install VPN client software for your operating system that supports the OpenVPN protocol. Double-check the .ovpn file to connect to the Alibaba Cloud VPN Gateway:
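
One way to double-check the .ovpn file before connecting, as an added example that is not from the original article or from Alibaba Cloud's tooling. It assumes the 2FA login uses OpenVPN's username/password prompt (`auth-user-pass`); the function names, sample profile and host name are constructed for illustration.

```python
import re

# Constructed sample client profile (not a real gateway export).
SAMPLE_OVPN = """\
client
remote vpn-gateway.example.com 1194
remote-cert-tls server
auth-user-pass
<ca>
PLACEHOLDER-CERTIFICATE-BODY
</ca>
"""

def parse_ovpn(text):
    """Return (directives, inline_blocks) from an OpenVPN client profile."""
    directives, blocks, current = {}, set(), None
    for raw in text.splitlines():
        line = raw.strip()
        if current:                      # inside an inline block such as <ca>...</ca>
            if line == f"</{current}>":
                current = None
            continue
        if not line or line[0] in "#;":  # blank line or comment
            continue
        m = re.fullmatch(r"<([a-z-]+)>", line)
        if m:
            current = m.group(1)
            blocks.add(current)
            continue
        name, *args = line.split()
        directives.setdefault(name, []).append(args)
    return directives, blocks

def check_profile(text):
    """Return a list of findings; an empty list means every check passed."""
    d, blocks = parse_ovpn(text)
    aup = d.get("auth-user-pass")
    checks = [
        ("client" in d, "missing 'client' directive"),
        (any(d.get("remote", [])), "no 'remote' gateway address"),
        ("ca" in d or "ca" in blocks, "no CA certificate to verify the gateway"),
        (["server"] in d.get("remote-cert-tls", []), "no 'remote-cert-tls server' check"),
        (aup is not None, "no 'auth-user-pass': no username/password will be sent"),
        (not any(aup or []), "'auth-user-pass' reads credentials from a file on disk"),
    ]
    return [msg for ok, msg in checks if not ok]
```

Run `check_profile(open(path).read())` on the downloaded profile; a finding about a credentials file means the AD password is stored in plaintext next to the profile.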

Original Source:
