Cybersecurity
DevOps Cloud
IT Operations Cloud
ISSUE:
Leostream supports MFA using Radius.
The following How-To describes the steps to implement Radius MFA using AAF.
HOW TO STEPS:
1) Configure the SmartPhone Method to enroll the TOTP Method when enrolling Smartphone
Additionally, you may re-configure the TOTP step setting to give the users more time to enter the TOTP code.
2) Configure a new Chain TOTP and assign the user groups
3) Configure a new Event RadiusLeostream with the TOTP chain, put Radius into the Endpoints whitelist.
4) Configure Radius Policies, add the IP of the Leostream Broker to the clients and specify the shared secret.
Additionally, you may also configure Event- and Chain-selection rules based o the NAS-IP-Address of the Leostream Broker (this might be useful if you have other services integrated with Radius).
5) Configure AAF as MFA Provider in the Leostream Admin console
6) Assign AAF MFA to your Authentication Server
You have successfully implemented Radius MFA using AAF.