Announcement

Collapse
No announcement yet.

Connect Azure Captive Portal

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Connect Azure Captive Portal

    I can't find documentation for connecting Azure to the Captive Portal. Our insurance company is requiring us to enable MFA for our network, and the simplest way appears to be to use O365 Azure and have users authenticate that way. In particular, I am not sure what the host address should be for Azure and I read something about requiring a certificate as well. Anyone set this up and have any insight or a link to the documentation? Thanks.

  • #2
    I'm not sure if the 'Microsoft' option in Captive Portal > User Authentication points to O365 these days, but you could try that. It's an older integration and referred specifically to Microsoft's 'use a Microsoft account' OAuth option, if I remember correctly.

    You can set up your Azure ADDS DC in Directory Connector > Active Directory. Just be sure to check the 'Azure' box when setting up the DC.
    Græme Ravenscroft • Technical Marketing Engineer
    ('gram', like the unit of measurement)
    he/him
    How can we make Arista ETM products better?

    Comment


    • #3
      Originally posted by gravenscroft View Post
      I'm not sure if the 'Microsoft' option in Captive Portal > User Authentication points to O365 these days, but you could try that. It's an older integration and referred specifically to Microsoft's 'use a Microsoft account' OAuth option, if I remember correctly.

      You can set up your Azure ADDS DC in Directory Connector > Active Directory. Just be sure to check the 'Azure' box when setting up the DC.
      They are asking for a host address and I am not sure what that is or where to find it. Checking Azure isn't working without that info.

      Thanks.

      Comment


      • #4
        Originally posted by angw11 View Post
        They are asking for a host address and I am not sure what that is or where to find it.
        By they, do you mean NG Firewall? The 'Host' attribute of the DC is the IP address of Azure ADDS. We wouldn't be able to tell you what to use there, but you should be able to find that address in your Azure config.
        Græme Ravenscroft • Technical Marketing Engineer
        ('gram', like the unit of measurement)
        he/him
        How can we make Arista ETM products better?

        Comment


        • #5
          Please clarify.

          Azure AD != Azure AD DS

          The former is AAD, the latter is just a hosted Active Directory in Azure, and the configuration plane for that service details which vnet the service is hooked to, and this creates an endpoint with a private Azure IP address you can link to.

          There's zero difference in working with Azure AD DS as it is with AD on prem, it's the same darned thing, and you need VPN access into Azure to link the LANs up if you want Untangle to be able to access it.

          You will note, this also means you need Azure AD Connect running somewhere to sync the AD into AAD, which converts your AAD identities to hybrid identities with all the baggage that applies.

          There is no way at present to have NGFW's captive portal authenticate with native AAD. Yes... it should have the ability by now, but it doesn't.
          Rob Sandling, BS:SWE, MCP, Microsoft Certified: Azure Administrator Associate
          NexgenAppliances.com
          Phone: 866-794-8879 x201
          Email: [email protected]

          Comment

          Working...
          X
          😀
          🥰
          🤢
          😎
          😡
          👍
          👎