TOTPRadius VPN Portal - Client Authentication flowNo special VPN client installation is required for VPN Portal-based authentication to function, although we have released a special VPN helper app to simplify the user experience and make the process as fast as possible; one click will be enough to establish a VPN link. The VPN Portal will support systems relying on standard VPN protocols (LT2TP and L2TP/IPSec), such as Meraki Client VPN and Fortinet VPN solutions.
The data flow diagram below illustrate the principle of the VPN Portal
User logs in to a web interface where several files are generated. The user chooses to download a file named username.t2vpn and double-clicks on it (in some browsers it is possible to configure to "always open the file of this type" - this will save an extra click). If installed, our VPN Helper app (T2VPN) launches, parses the t2vpn file, extracts the VPN info (host, connection type, username and password) and initiates VPN connection. Once the connection is successful, the t2vpn file is removed for security purposes. Here is how the process looks like under Windows 10:
Using T2VPN app is optional, there are possibilities to use a batch file for Windows, or .mobileconfig files for iOS and MacOS machines - however executing these options require additional user actions.
- Installation and initial configuration
- Network configuration
- Migrating from older versions
- LDAP Configuration
- Azure AD Configuration
- Self-service enrollment portal
- Web and LDAPS Certificates
- Syslog configuration
- Single-factor authentication exceptions
- Slave appliance mode
- Dynamic RADIUS Attributes
Manage and use TOTP/HOTP codes via Python CLI script using a PC/SC device (USB NFC) or directly via USB. A cross-platform solution that works under Windows, macOS and Linux platforms.
Python-based tools are essential not only for their cross-platform compatibility, but also because their source-available nature allows experts/developers to examine the source code, ensuring transparency and minimizing the risk of hidden vulnerabilities or malicious elements. A GUI wrapper for the script is also available.
Token2 is excited to announce the upcoming mass production of their revolutionary PIN+ series, a line of FIDO2 Security keys. These security keys feature advanced PIN complexity rules that set a new standard for security. The firmware development for the PIN+ series is now complete, and the company is currently making preparations for mass production.
In a significant development for iOS users, Microsoft Azure Active Directory (AD) has expanded its support for FIDO2 security keys on the Safari browser. This advancement is a crucial step towards enhancing security and usability on Apple's mobile devices, ensuring seamless authentication experiences for Azure AD users. With FIDO2 security keys, users can now enjoy passwordless access to their Azure AD accounts, boosting convenience and significantly reducing the risk of password-related attacks. Let's dive deeper into this exciting development and explore the benefits it brings to iOS users.