Configure DualShield for Watchguard MFA

Create a RADIUS logon procedure

1. Login to the DualShield management console
2. In the main menu, select “Authentication | Logon Procedure”
3. Click the “Create” button on the toolbar
4. Enter “Name” and select “RADIUS” as the Type
   
   
   
   
5. Click “Save”
6. Click the Context Menu icon of the newly created logon procedure, select “Logon Steps”
7. Create 2 logon steps, e.g. Step 1: Static Password, Step 2: One-Time Passord
   
   
   
   
8. Click “Close”

Create a RADIUS application

1. In the main menu, select “Authentication | Applications”
2. Click the “Create” button on the toolbar
3. Enter “Name”
4. Select “Realm”
5. Select the logon procedure that was just created 
   
   
   
   
6. Click “Save”
7. Click the context menu of the newly created application, select “Agent”
   
   
   
   
8. Select the DualShield Radius server, e.g. ”Local Radius Server”
9. Click “Save”
10. Click the context menu of the newly created application, select “Self Test”
    
    

Register the WatchGuard SSL VPN as a Radius client

1. In the main menu, select “RADIUS | Clients”
2. Click the “Register” button on the toolbar
   
   
   
   
3. Select the application that was created in the previous steps
4. Enter the WatchGuard's IP in the IP address
5. Enter the Shared Secret which will be used in WatchGuard's settings.
6. Click “Save”