![]() To prepare the app to scan the QR code on the MySonicWall Two-step Verification page, tap Scan a barcode under Manually Add an Account. Launch the Google Authenticator app on your phone or tablet and tap on Begin Setup. Initializing the Google Authenticator Appġ. On your smart phone or tablet, search for “authenticator” in the Windows Phone Store, Google Play store, or Apple App Store and tap on Microsoft Authenticator or Google Authenticator to select it.ģ.Ěllow the installation to complete by agreeing to any requirements. WiKID(tm) is a trademark of WiKID Systems, Inc.The Microsoft Authenticator App is available from the Windows Phone Store, and the Google Authenticator App is available from Google Play or the Apple App Store.ġ. SonicWall(tm) is a trademark of SonicWall Inc. We invite you to learn more about our technology and architecture and to download and test the Enterprise version. The WiKID Strong Authentication System is a very reasonably priced two-factor authentication solution. Be sure to run "stop"/"start" on the WiKID server. If you don't see anything after the "Passcode Request Successful", then the OTP validation is not getting to the WiKID server from the SonicWall. After that you should see "Successful Online Passcode Validation". When a one-time password is requested, you will see "Passcode Request Successful" in the logs. If it doesn't work, check the WiKID server logs. Now start up SonicWall VPN client and try to login with a WiKID one-time password. Click on your registration code (it should be the only one) and enter your desired username - it should be a username the SonicWall will accept.Login to the WiKID Admin server again and click on the Users tab, then "Manually Validate a User".You will get a registration code back from the WiKID server. Select "New Domain" and enter the 12 digit domain identifier you set up on the WiKID server.Now, let's test the system by setting up user manually: That should be it for setting up the SonicWall for two-factor authentication. Important: From the WiKID terminal or via SSH, you will need to run "stop" and then "start" to load the new configuration into the WiKID Radius server.You do not have to enter any information under "Return Attributes". On the next page, enter the shared secret you entered on the Sonic Wall server.Select Radius and the domain you just created. For the IP Address, use the IP address of your SonicWall VPN appliance. Click Network Clients tab and on "Create a new Network Client".So, if the external IP address is 216.239.51.99, the WiKID server code would be 216239051099. The Domain Server code is the zero-padded IP address of the WiKID server. Log into the WiKID server and click on the Domains Tab.Now, we'll add the second factor: WiKID.Check the box that says Require XAUTH/RADIUS.In the Security Association field, choose GroupVPN.Open the VPN window on the admin interface and choose the Configure tab.Now, enable RADIUS authentication with GroupVPN on the SonicWall server.Click Update to update the configuration.Enter the shared secret that will be used on the WiKID server.The default is 1812, which is what WiKID uses. Enter the IP address of the WiKID server.Configure an amount of retries and timeouts.Go to VPN window and go to the RADIUS tab.Log in to the SonicWall admin interface.First, on the SonicWall configure the RADIUS server settings.If this is a new SonicWall VPN setup, test logging in without a WiKID one-time password before adding in two-factor authentication. This document details how to configure a SonicWall VPN appliance to pass authentication requests to the WiKID server. A SonicWall VPN appliance combined with two-factor authentication from WiKID secures your perimeters in a very cost-effective manner. More and more small companies are required to use two-factor authentication for remote access to corporate assets. A WiKID customer just added two-factor authentication to their a SonicWall VPN appliance setup and we took the opportunity to document the effort, which was extremely simple.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |