So here is my situtation. We sell and deploy ERL's to our customers. Currently, we are setting up the PPTP VPN on the ERL with RADIUS auth for remote access. We use the Windows VPN client to connect to each ERL and then remote in through the VPN. We are using a product called AuthAnvil for authentication. We have to install a RADIUS agent on a Windows PC within the LAN of the customer (behind the ERL) and we point the ERL to that PC's IP for the RADIUS server. That agent emulates a RADIUS server and forwards the credentials to our AuthAnvil server which then sends back the success or failure of the login.
The problem we are having is this windows radius agent is not very stable and tends to not be running. We have scripts that help keep it up, but its becoming a problem and we lose the ability to connect to the VPN.
I found this company:
They seem to have a similar solution to AuthAnvil. One thing differert is that they have a Linux RADIUS agent that would forward the login request to their servers. https://duo.com/docs/radius I'm wondering if anyone would think if it would be possible to install that Linux Agent on the ERL itself?? This way we wouldn't need a windows agent installed and everything would be contained on the ERL.
Thoughts on this, or maybe other 2fa solutions out there that people have used for 2fa VPN access??
Thanks!!!!