Troubleshooting Rublon Authentication Proxy issues

Modified on Mon, 04 Mar 2024 at 05:28 PM

Issues with the Rublon Authentication Proxy may have many sources, but mostly come down to one of several cases.

Test Rublon Authentication Proxy Connection

First of all, try to locate the source of your issue. A simple ping & debug tool like NTRadPing allows you to test any RADIUS server, including the Rublon Authentication Proxy. Use NTRadPing to send a request to your proxy server. If you get a successful response, then the Rublon Authentication Proxy configuration works correctly, which means that your issue probably stems from your service’s (e.g., VPN’s) configuration.

Some services offer their own debug tools. For example, pfSense allows you to test your Authentication Server (Rublon Authentication Proxy) connection.

Review Your Configuration File

If your NTRadPing test did not succeed, review your Rublon Authentication Proxy configuration file located in rublonauthproxy/config.

Check File Structure

Ensure your file uses a proper JSON or YAML convention. All property names must be lowercase. Double-check that your file contains no spelling mistakes.

Recheck Your Tokens

Ensure the application tokens set in your configuration file are correct.

Copy values of rublon_token and rublon_secret from your Authentication Proxy application in the Rublon Admin Console and paste these values into your Rublon Authentication Proxy configuration file.

Note: You must copy the Authentication Proxy application tokens, not the organization tokens.

Recheck Your RADIUS Secret

radius_secret is one of the properties you set in your Rublon Authentication Proxy configuration file. You must generate the radius_secret yourself. Most services you integrate with Rublon require this value. For example, during OpenVPN on pfSense configuration, you must enter the value of radius_secret in the Shared Secret field under RADIUS Server Settings.

Review Your Integration Configuration

The mistake may be on the integration’s side.

Use Rublon Authentication Proxy as a RADIUS Server

Remember that Rublon Authentication Proxy acts as a RADIUS server, so when you configure your integration, always act as if you were configuring RADIUS. For example, while configuring Rublon for OpenVPN on pfSense, you must set Type to RADIUS (in Authentication Servers) even if you use Active Directory or OpenLDAP as your identity provider. If you set Type to LDAP, your configuration will not work.

Examine Your Firewall

Rublon Authentication Proxy uses UDP ports 1812 and 1813 for communication. Your firewall might be blocking the Rublon Authentication Proxy from communicating with Rublon API. Temporarily turn off your firewall and check if this fixes your issue. If the Rublon Authentication Proxy works when your firewall is off, then you must add Rublon to the allowlist in your firewall.

Check Your Network Settings

If all other advice proved fruitless, your issue is probably connected to your network.

Rublon Authentication Proxy and your integrated service (e.g., VPN) must be in the same subnet so that they can ping each other. Otherwise, communication is not possible. You may be able to circumvent this requirement by a custom configuration on your network.

Issue Still Persists

If you still have issues or questions, contact Rublon Support.

You can send us your configuration file, and we will review it for you.

Helpful Links

Rublon Authentication Proxy - Documentation

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article