Forum Discussion

SivaG_1975's avatar
SivaG_1975
Copper Contributor
Feb 27, 2020

Azure Cloud MFA for on-premises Firewall

Hi,

I have to enable Azure cloud MFA for my on-premises firewalls. (FortiGate / palo alto Global protect

 

Can i get any document or step by step guide for this.

1 Reply

  • Cian Allner's avatar
    Cian Allner
    Silver Contributor

    It's not something I have done but in my previous job some colleagues integrated Azure MFA with a Cisco VPN and also an RDS Gateway using the NPS extension using radius:

     

    https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-nps-extension

     

    "The Network Policy Server (NPS) extension for Azure MFA adds cloud-based MFA capabilities to your authentication infrastructure using your existing servers."

     

    It's an involved configuration but I see Palo Alto support any MFA platform that can use radius, so it could be worth investigating:

     

    https://docs.paloaltonetworks.com/compatibility-matrix/mfa-vendor-support/mfa-vendor-support-table.html

     

    There used to be an Azure MFA Server you could install to integrate on-premise systems but that isn't supported for new installations.

Resources