2Fa for VPN remote access users

in VPN Client
I’m trying to setup 2FA for my VPN users, Can this be done using the WANgroup VPN (IKE)?
I have it configured for the SSLVPN and it works, but I don’t see how to setup unique bookmarks for each user. This was a tab on the local user setup on my prior NSA device.
I no longer have the Bookmarks tab when setting up a user. My current TZ570 SonicOS 7.0.1-5030-R2007
I need my remote users to have the TOTP enabled using the Microsoft Authenticator and prefer using the Global VPN if possible
Category: VPN Client
0
Answers
From: https://www.sonicwall.com/support/knowledge-base/configuring-one-time-passwords/170505594681886/
CAUTION: OTP cannot be configured for Global VPN Client (GVC) users. Instead, GVC users can use RSA token for two-factor authentication. Please refer to Two Factor Authentication Using RSA Radius And SecurID For SonicWall GVC And NetExtender Clients
Is there a simpler guide on how to actually implement the document you are linking to?
Do you have to purchase this RSA Radius Server? Can you install it as a VM? that sort of stuff ...