Issues with the Rublon Authentication Proxy may have many sources, but mostly come down to one of several cases.
Test Rublon Authentication Proxy Connection
First of all, try to locate the source of your issue. A simple ping & debug tool like NTRadPing allows you to test any RADIUS server, including the Rublon Authentication Proxy acting as one. If you wish to test an LDAP(S) server (or the Auth Proxy acting as one), use LDAP Admin. Use NTRadPing or LDAP Admin to send a request to your proxy server. If you get a successful response, then the Rublon Authentication Proxy configuration works correctly, which means that your issue probably stems from your service’s (e.g., VPN’s) configuration.
Some services offer their own debug tools. For example, pfSense allows you to test your Authentication Server (Rublon Authentication Proxy) connection.
Review Your Configuration File
If your NTRadPing/LDAP Admin test did not succeed, review your Rublon Authentication Proxy configuration file located in Rublon Auth Proxy\config on Windows and rublonauthproxy/config on Linux.
Check File Structure
Ensure your file uses a proper JSON or YAML convention. All property names must be lowercase. Double-check that your file contains no spelling mistakes.
Recheck Your Tokens
Ensure the application tokens set in your configuration file are correct.
Copy values of rublon_token and rublon_secret from your Authentication Proxy application in the Rublon Admin Console and paste these values into your Rublon Authentication Proxy configuration file.
Note: You must copy the Authentication Proxy application tokens, not the organization tokens.
RADIUS Only: Recheck Your RADIUS Secret
radius_secret is one of the RADIUS properties you set in your Rublon Authentication Proxy configuration file. You must generate the radius_secret yourself. Most services you integrate with Rublon require this value. For example, during OpenVPN on pfSense configuration, you must enter the value of radius_secret in the Shared Secret field under RADIUS Server Settings.
LDAP(S) Only: Ensure the Access User has the required permissions
Ensure the Access User (access_user_dn) has all the necessary permissions to read the LDAP directory tree.
Review Your Integration Configuration
The mistake may be on the integration’s side.
Use Rublon Authentication Proxy as a RADIUS/LDAP(S) Server
Remember that Rublon Authentication Proxy acts as a RADIUS/LDAP(S) server, so when you configure your integration, always act as if you were configuring RADIUS/LDAP(S).
Examine Your Firewall
Rublon Authentication Proxy uses UDP ports 1812 and 1813 for communication for RADIUS servers, TCP 389 for LDAP servers, and TCP 636 for LDAPS servers. Your firewall might be blocking the Rublon Authentication Proxy from communicating with Rublon API. Temporarily turn off your firewall and check if this fixes your issue. If the Rublon Authentication Proxy works when your firewall is off, then you must add Rublon to the allowlist in your firewall.
Check Your Network Settings
If all other advice proved fruitless, your issue is probably connected to your network.
Rublon Authentication Proxy and your integrated service (e.g., VPN) must be in the same subnet so that they can ping each other. Otherwise, communication is not possible. You may be able to circumvent this requirement by a custom configuration on your network.
Issue Still Persists
If you still have issues or questions, contact Rublon Support.
You can send us your configuration file, and we will review it for you.
Helpful Links
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article