Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 42 subscribers
  • Views 2240 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

MFA for SSL VPN but not for Captive Portal

Levent Onen

Hi, 

We have enabled MFA for our SSL VPN users, however that has meant that it has been enabled for the Captive Portal as well.  We really do not want to have users authenticate to the captive portal with MFA, in fact we would really prefer an SSO solution since we get many tickets generated with users struggling to login to the Captive portal when we reboot the firewall after upgrades.  

We have implemented STAS and everything seems to be working.  All tests when we query workstations are successful, we see live users populate etc.  However users are still being forwarded to captive portal.  We opened a ticket but the tech wasn't sure if STAS works with MFA.  

Any help would be greatly appreciated.  



This thread was automatically locked due to age.
Parents
  • 0

    Hi Levent Onen,

    Please navigate to CONFIGURE--->Authetication --->Multi-factor authentication  and check Multi-Factore authentication (MFA)settings 

    If you have enabled One-time password (OTP) for all the users you have to authenticate all the users with MFA

    You can select "No OTP" and Click on Apply and check to resolve your issue : 

    Hope this resolve your issue.

    "Sophos Partner: Networkkings Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to Bharat J

    Thanks for the suggestion but as clearly stated in my original post we did enable OTP and we would like to keep it.  We do not want to use OTP for internal authentication to the firewall.  

Reply Children
No Data
Unfiltered HTML