Is it possible to set up OKTA RADIUS policies based upon the address the RADIUS request is coming from?
Right now it's looking like Okta RADIUS is a global policy, but I'l like to use Okta RADIUS to force MFA for multiple VPN connections which would use different Okta groups to determine who gets to log on to each one. I am not having good luck with the fine-grained LDAP example in the Okta documentation. I can do the coarse grained MFA and the LDAP Group look up separately, but the two together are not working. Figured that Okta knows the source of the RADIUS call, that address should be able to be used to set up some rules
We're trying to configure multiple MFA policies against two different VPN technologies (Pulse and OpenVPN). We've run into the same roadblock where we can only use one policy which overrides the rest. I hope this gets resolved sooner than later.
There is a beta program for the latest version of the Radius Agent which is supposed to support what we're after in this thread. We're just getting going with it. If you're interested in joining the beta just email "firstname.lastname@example.org" with Subject "Multiple Radius Agents BETA".