Skip to main content

This document details how to integrate a Cyberroam VPN from Sophos with WiKID for two-factor authentication.

First, download and setup a WiKID Strong Authentication Server.  Follow the installation manual.   Finally, add the Cyberroam as Network Client on the WiKID server using the RADIUS protocol.

Then configure the Cyberroam:

Go to Identity > Authentication > Authentication Server and click Add to configure RADIUS Server parameters.  You will see the box below:
Cyberroam Radius for 2FA
For Server Type, choose RADIUS
Give the Server a name.
Specify the IP address of the RADIUS server.  This would be the WiKID server if you are going direct or NPS or another RADIUS server if you are using one. 
The Authentication port is 1812.
Enter a shared secret  This secret must be the same as you enter on the WiKID server or RADIUS server.
Integration type.  Use Loose if you are going direct to WIKID. 
Click on Test Connection and enter your WiKID username and the WiKID one-time passcode (OTP) from your software token to test your connection (Assuming you have added the Cyberroam as a Network Client on WiKID.  Please see this post for information on troubleshooting your RADIUS configuration.)
If connection is successful, click OK to save the configuration. 
Next, go to Identity > Authentication > Firewall and select RADIUS Server as primary authentication server.
Cyberroam two-factor authentication via radius
Click Apply.
That's it.  You should now be able to go to the SSL portal and login with your WiKID Credentials.
Reminder: If you are doing 2FA for PCI compliance, you should also be doing 2FA for non-console administrative access.




Copyright © WiKID Systems, Inc. 2024 | Two-factor Authentication