Adding MFA to Microsoft RRAS

Note: This integration does not support the use of Push. You will need to use OTP.


Setting up MFA for RADIUS is a requirement for this integration. Please see this article for more information.

Configuring RRAS to support RADIUS Authentication


  1. Go to the Start Menu and click on Administration Tools.
  2. Go to Routing & Remote Access (RRAS)
  3. Highlight the RRAS Server and right click > Properties.
  4. Go to the Security tab; change the Authentication Provider to RADIUS Authentication.
  5. Click on the ‘Authentication Methods’ button below and ensure PAP is the only one checked.
  6. Click on Configuration button to configure the RADIUS Server options.
  7. Click Add to enter the IP address and port of the RADIUS Agent; this will be the server RADIUS authentication requests are sent to.
  8. Reset RRAS to accept the new configuration. To do this, follow these instructions:
    Open a Command Prompt by clicking Start > Run and then typing cmd.
    Type net stop remoteaccess
    After it completes, type net start remoteaccess
    Note: Be sure you have the IP of the RRAS Server added into the RADIUS Config.

See this article for configuring the connection to the VPN.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Contact us