Configure Watchguard SSL VPN with AuthLite
To do 2-factor authentication with the Watchguard SSL VPN:
- Your Watchguard must be set to authenticate with RADIUS (LDAP must not be used with Watchguard, to prevent a problem where passwords could get logged by AuthLite inadvertently believing they were usernames)
- Your domain needs one or more member servers or DCs running the Network Policy Service
- The NPS radius client and network policy must be set up correctly (including a Filter-ID)
- AuthLite must be installed on the system(s) running your NPS,
- The AuthLite NPS plugin must be enabled.
The following steps will describe the above items in greater detail.