Here are the best practices for installing and configuring the Rublon Authentication Proxy:
Deploy the Rublon Authentication Proxy on-premises service in your internal network and:
Allow outbound communication from the Rublon Authentication Proxy to the public internet on TCP/443. If your firewall still blocks Rublon after this, take a look at a list of IP addresses Rublon uses and allow them.
Ensure that the Rublon Authentication Proxy can connect to your Identity Provider (IdP). These connections are usually done over TCP/636 (for LDAP), TCP/389 (for TLS), and UDP/1812 (for RADIUS). But they might be different if you do not use the default settings in your network.
If you have any SSL inspection appliances in your internal network, permit or disable SSL inspection for Rublon Authentication Proxy IPs.
Make a backup of your Auth Proxy config file before any major update. This way, you can easily get back to the old configuration if the new one does not work as you expected.
Stop and restart the Rublon Authentication Proxy service after any change in the config file for the changes to take effect.
Use a password-generating tool to generate a strong and secure radius_secret.
If you have more than one authentication source for your server(s) (either if you use a backup authentication source or have multiple servers with different authentication sources), set the names of authentication sources to fit the following form: "AUTHSOURCE_X" (e.g., "LDAP_1", "RADIUS_2")
Before starting integration with a specific VPN, router, or service, test your configuration using NTRadPing.
Helpful Links
Rublon Authentication Proxy - Documentation
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article