RapidIdentity Product Guide

RapidIdentity MFA OTP, PingMe, & DMZ

This architecture is a representative example of one possible implementation in which an environment leverages one-time password (OTP) and PingMe as authentication methods, which require a demilitarized zone (DMZ).

[Figure: architecture diagram (RI_MFA_OTP_PingMe_DMZ.jpg)]

Database Selection

This implementation also uses Microsoft SQL as its database of choice; however, any database supported by RapidIdentity is possible in this architecture (e.g., MySQL, PostgreSQL). Thus, it is only necessary to open the database ports specific to the implementation.

This table summarizes the ports for this implementation not described elsewhere on this page.

| Port | Role |
| --- | --- |
| TCP 1443, UDP 1444 | Microsoft SQL Server. |
| TCP & UDP 2195 | Apple Push Notifications. |
| TCP & UDP 5228 | Android Push Notifications. This is the primary port number; however, ports 5229 and 5230 are also used for this service. |
| UDP 1812, 1813 | RADIUS, but only necessary if installing a Network Policy Server (NPS) on the same server to accommodate OTP to VPN authentication or for a number of other integration points. |