Note: This integration requires that you have already configured your VPN to work with RADIUS. See this article to configure the RADIUS agent.
Overview: This document provides information on how to enable a Windows VPN connection, protected by AuthAnvil On Demand. Before you get started, you will need the following:
The AuthAnvil Authenticator App connected to your AuthAnvil On Demand account
- IP address and PreShared Key for your VPN
Note: If you do not have a mobile device that supports the AuthAnvil Authenticator
Not everyone is going to have a supported smartphone, and in some cases, no smartphone at all. You will still be able to use the VPN connection as you currently are, with just your domain credentials. You will see no difference in your service.
Before you Start
- Ensure you have the AuthAnvil Authenticator loaded on your phone and you have completed the onboarding process.
- Ensure your Active directory password is no more than 15 characters in length as this is currently a limitation of the VPN device. (This is a common limitation of most routers when they are configured to use a PAP connection)
Note: Currently the AuthAnvil Authenticator supports iPhone 4s and later with iOS 7.0 and above, and Android Ice Cream Sandwich and above.
Creating a New VPN Connection
- To create a VPN connection, go to Control panel > Network and Sharing. Click on “Set Up a New Connection or Network” and select “Connect to a Workplace”.
- In the wizard, select Use My Internet Connection (VPN)
- Enter the address you were given for your location and a “Destination Name” that you’ll remember such as Work VPN. Leave the other settings as shown below.
Congratulations, your VPN has been created!
Before you can use it, we still need to configure some settings. To do so, please follow along with those who are updating their settings below.
Modify a new / or existing VPN Connection Settings
- Step 1 - To change the VPN connection settings, go to Control panel > Network and Sharing > Change Adapter Settings.
Note: On Win 8.1 and later, you can also hit Windows Key + X to get to the power user menu where you can select Network Connections.
- Right click on your VPN connection and choose properties, On the General tab, Change the IP address to point to the new device.
- On the Security tab, select the Advanced Settings and change the Preshared key to the one that matches the new device.
Making the VPN Connection
- Right click on the connection and select Connect/Disconnect.
- Enter in your Domain credentials (Domain username and password) when prompted to do so.
- In the AuthAnvil Authenticator app on your phone, and wait for the Push request to come in. Once approved, your VPN connection will be completed.
Note: If Push is not available for the user check out this article.
Note: Regarding using Yubikeys. Since the U2F configuration doesn't actually generate an OTP nor send any actual number, it is not meant to be used as a VPN authentication option.