Softether VPN Remote Access with Duo Multi-Factor Authentication (MFA)
This guide assumes you have a working Softether VPN server configured for remote access along with LDAP or Active Directory for remote user authentication and a Duo account with your users and their mobile devices pre-populated. If you don't have a Duo account, you can sign up for a free trial on the Duo website. Additionally, you also need to deploy a Duo Authentication Proxy server on your network using Linux or Windows.
If you need to deploy a Softether VPN server you can take a look at our docker compose example to deploy using Docker, Traefik as the reverse proxy and Lets Encrypt support.
Configure Softether Application in Duo Admin Panel
- Login to your Duo Admin Panel and navigate to Applications --> Protect and Application (Figure 1).
Figure 1
- In the Protect an Application page, enter radius in the Filter by keywords field and click the Protect button to the right of the RADIUS application from the resultant list (Figure 2).
Figure 2
- In the RADIUS application page, copy the Integration key, Secret Key and the API hostname to be used later in the configuration of the Duo Authentication Proxy (Figure 3).
Figure 3