Here at Splashtop and Foxpass, the new developments and innovation never end. So, we’re excited to officially announce some new features we've rolled out over the past few months.

RADIUS Attributes & VLAN

You can now return RADIUS attributes to enable VLAN assignment and other capabilities for your RADIUS clients. Simply create a set of attributes from the RADIUS Attributes page, then assign it to a client from the RADIUS Clients page.

You can add Constant Attributes (which return the same value for all calls) and Conditional Attributes (which return specific values depending on a user’s group memberships). We also support vendor specific codes, so let us know if you don't see your setup listed and we'll add it.

You can read more detailed instructions of setup and configuration for general attribute sets here or for VLAN assignment here.

LDAP MFA

We've added multi-factor authentication support for LDAP, using Duo. MFA can be enabled for a company from the Configuration page. When enabled, all users will use MFA for LDAP operations, but you can exempt specific users. Please note that LDAP binders cannot use MFA.

You can also set an MFA policy for when the MFA provider is down or otherwise unreachable. Foxpass will use that policy to either allow or restrict all LDAP operations with a correct password. Setting the policy to “Ignore” will ignore the MFA failure and allow the login, and “secure” will default to a secure model and block the login.

Posix Users & Groups

You can now specify which users and groups return Posix information through LDAP. Posix users are employees who don't need SSH access but do need LDAP access for things like OSX machine logins.

You can modify whether a user is returned from the Users page in the “Unix Info” column. “Engineer” and “Posix” user types contain Posix info, while ‘Standard’ users do not. Additionally, you can modify a user’s Posix setting from the API, which is documented here.

You can also explicitly manage which groups are returned to your servers from LDAP queries. You can specify whether these groups are a “posixGroup” or not on the Groups page. You can also change the default for new groups from the Config page.

Hostgroups Temporary Groups & API

You can now add temporary group memberships to hostgroups. Temporary group memberships can be managed on the Hostgroups page the same way as temporary user memberships.

We've also extended our API to support hostgroup membership operations for both users and groups. Read up on documentation for that here.

Office 365 Delegated Auth

We’ve added Office 365 to our list of delegated authentication options. Delegated authentication uses Foxpass as a proxy to pass users’ passwords through Foxpass to a designated identity provider, so your users can utilize SSO across their whole stack.

You can enable delegated authentication on the Authentication Settings page.

User Filter & Username in Dashboard

We've added the ability to filter users by first or last name on the Users page. Additionally, if one of your users forgets their username, they can check it from their dashboard.

Coming Soon:

Foxpass Cache

We’re wrapping up development on a Foxpass cache you can run locally in a Docker container. If your hosts or access points can’t reach Foxpass’s servers, they’ll use your local cache as a fallback option.

StartTLS Support

Our LDAP servers will soon support StartTLS.

Please contact us if you'd like to be involved in our beta test!

Upgrade Your Security

Want to bring the best in secure access control to your business? Click here to learn how Foxpass can help you avoid costly security mistakes: