Rublon Authentication Proxy Installation and Configuration Best Practices

Modified on Mon, 04 Mar 2024 at 04:59 PM

Here are the best practices for installing and configuring the Rublon Authentication Proxy:

  • Deploy the Rublon Authentication Proxy on-premises service in your internal network and:

    • Allow outbound communication from the Rublon Authentication Proxy to the public internet on TCP/443. If your firewall still blocks Rublon after this, take a look at a list of IP addresses Rublon uses and allow them.

    • Ensure that the Rublon Authentication Proxy can connect to your Identity Provider (IdP). These connections are usually done over TCP/636 (for LDAP), TCP/389 (for TLS), and UDP/1812 (for RADIUS). But they might be different if you do not use the default settings in your network.

  • If you have any SSL inspection appliances in your internal network, permit or disable SSL inspection for Rublon Authentication Proxy IPs.

  • Make a backup of your Auth Proxy config file before any major update. This way, you can easily get back to the old configuration if the new one does not work as you expected.

  • Stop and restart the Rublon Authentication Proxy service after any change in the config file for the changes to take effect. 

  • Use a password-generating tool to generate a strong and secure radius_secret.

  • If you have more than one authentication source for your server(s) (either if you use a backup authentication source or have multiple servers with different authentication sources), set the names of authentication sources to fit the following form: "AUTHSOURCE_X" (e.g., "LDAP_1", "RADIUS_2")

  • Before starting integration with a specific VPN, router, or service, test your configuration using NTRadPing.


Helpful Links

Rublon Authentication Proxy - Documentation

Rublon Authentication Proxy Modes Explained

Knowledge Base Articles on Rublon Authentication Proxy

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article