Yubico Forum
https://forum.yubico.com/

YubiRADIUS with Forefront TMG
https://forum.yubico.com/viewtopic.php?f=5&t=781

Author:  chris5287 [ Fri Apr 06, 2012 11:53 am ]
Post subject:  YubiRADIUS with Forefront TMG

Hi, does anyone have any experience setting up Forefront TMG to use YubiRADIUS? (I have YubiRADIUS set up as an Active Directory client.)

I can set up TMG to use 'Radius OTP' on its listener, so the form page appears asking for username, passcode (i.e. Password+OTP) and internal password; however, this requires the user to enter their password twice (once so that YubiRADIUS can perform the 2FA, and then again so the internal service can be delegated the credentials required).

From my reading on the internet, it appears I need to get YubiRADIUS to send 'access-challenge' to TMG, so that the user can first enter their normal username/password and then, when it receives 'access-challenge', TMG asks the user for their OTP, keeping their password and OTP separate and therefore allowing delegation to occur after TMG has completed the 2FA with YubiRADIUS.

I hope this makes sense! If not, please correct me, as this is all a bit new to me and I'm keen to learn.
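
The Access-Challenge exchange described in the post above, as an added sketch that is not part of the original thread and is neither YubiRADIUS nor TMG code: a toy RADIUS server and gateway built on RFC 2865 packet encoding, showing the password and the OTP travelling in separate Access-Requests tied together by the State attribute. The shared secret, the user record, the static OTP stand-in and all function names are constructed for illustration.

```python
import hashlib, hmac, os, struct

REQUEST, ACCEPT, REJECT, CHALLENGE = 1, 2, 3, 11               # RFC 2865 packet codes
USER_NAME, USER_PASSWORD, REPLY_MESSAGE, STATE = 1, 2, 18, 24  # RFC 2865 attribute types
SECRET = b"constructed-shared-secret"                           # constructed sample value
USERS = {b"alice": (b"internal-pw", b"constructed-otp-value")}  # constructed; static OTP stand-in
PENDING = {}                                                    # State -> user who passed round 1

def hide(value, auth, decrypt=False):  # RFC 2865 section 5.2 User-Password hiding
    value += b"" if decrypt else b"\x00" * (-len(value) % 16)
    out, prev = b"", auth
    for i in range(0, len(value), 16):  # keystream = MD5(secret + authenticator or previous ciphertext block)
        out += bytes(a ^ b for a, b in zip(value[i:i + 16], hashlib.md5(SECRET + prev).digest()))
        prev = value[i:i + 16] if decrypt else out[-16:]
    return out.rstrip(b"\x00") if decrypt else out

def build(code, ident, auth, attrs, is_reply=False):
    body = b"".join(bytes([t, len(v) + 2]) + v for t, v in attrs)
    head = struct.pack("!BBH", code, ident, 20 + len(body))
    # Response Authenticator = MD5(Code+ID+Length+RequestAuth+Attributes+Secret)
    auth = hashlib.md5(head + auth + body + SECRET).digest() if is_reply else auth
    return head + auth + body

def parse(pkt):
    code, ident, length = struct.unpack("!BBH", pkt[:4])
    attrs, i = {}, 20
    while i + 2 <= length and pkt[i + 1] >= 2:          # stop on a malformed attribute length
        attrs[pkt[i]] = pkt[i + 2:i + pkt[i + 1]]
        i += pkt[i + 1]
    return code, ident, pkt[4:20], attrs

def server(pkt):  # toy server: password in round 1, OTP in round 2, tied together by State
    _, ident, auth, a = parse(pkt)
    field, known = hide(a[USER_PASSWORD], auth, decrypt=True), USERS.get(a[USER_NAME])
    if STATE not in a:
        if not known or not hmac.compare_digest(known[0], field):
            return build(REJECT, ident, auth, [], True)
        state = os.urandom(16)
        PENDING[state] = a[USER_NAME]
        return build(CHALLENGE, ident, auth, [(STATE, state), (REPLY_MESSAGE, b"Enter OTP")], True)
    ok = PENDING.pop(a[STATE], None) == a[USER_NAME] and known and hmac.compare_digest(known[1], field)
    return build(ACCEPT if ok else REJECT, ident, auth, [], True)

def login(user, password, otp):  # gateway side; returns the reply codes it saw
    def ask(ident, secret, extra=()):
        auth = os.urandom(16)
        attrs = [(USER_NAME, user), (USER_PASSWORD, hide(secret, auth)), *extra]
        return parse(server(build(REQUEST, ident, auth, attrs)))
    code, _, _, reply = ask(1, password)
    return [code] if code != CHALLENGE else [code, ask(2, otp, [(STATE, reply[STATE])])[0]]
```

Because the gateway in this flow holds the password on its own rather than as one Password+OTP string, it still has it available for delegation once the second round returns Access-Accept; the State value is popped on first use, so a replayed second request is rejected.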

Author:  samir [ Wed Apr 11, 2012 11:06 am ]
Post subject:  Re: YubiRADIUS with Forefront TMG

Hi,

We believe it is possible to configure the MS FUAG to not require double authentication, but we would encourage you to contact Yubico at support@yubico.com so that together we can test out any options, and once we have a working configuration we can post the result back to the forum.

Thanks!
Samir.

All times are UTC + 1 hour