As the title suggests - we noticed that Sophos Connect only seems to work if the User Portal is enabled on the WAN interface.
This raises a point though: with MFA enabled this should be secure; however, for people who were yet to set up MFA, would they not need to first enrol by scanning a QR code, in which case, for first-time users the User Portal is effectively not secured by MFA.
So, in theory, an attacker with credentials only could then access the user portal via a web browser, log in with the credentials, then scan the QR code, effectively setting up MFA.
Am I missing something here?