I setup a connect client with a provisioning file. Had Authentication to an AD server setup. When the user connects for their first time while using a provisioning file, it works beautifully.
Now, enter MFA. Because most places want some extra security.
With a new user and new Provisioning file to enable MFA. User cannot login to VPN and have everything setup from there. Since they have to put a token in to be able to authenticate and they don't have a token yet, this fails. They still have to go to the user portal to set that up.
As the Sophos Connect Client acts like a browser with the initial setup, it would be nice if when MFA is enabled, it would work the same way.
If anyone has worked through this before, how does this work for you? Do you push out a .pro file to the users but still have them go to the portal to setup MFA first?
Thanks,
D
Hello there,
Good day and thanks for reaching out to Sophos Community, hope you are well.
Can you confirm if this is the encountered behavior (Kindly see screenshot) as it might be related to a known issue on Sophos Connect (NCL-1391) https://doc.sophos.com/support/kil/index.html
Further, could you also try steps from this Recommeded Read to work on this issue? Sophos Firewall: Enable separate (3rd) input box for SSLVPN MFA instead of Password+OTP.
Kindly let us know how it goes. Many thanks for your time and patience and thank you for choosing Sophos
Cheers,
Raphael Alganes
Global Community Engineer, Support & Services
Are you a Sophos Partner? | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question, please use the 'Verify Answer' button.
The award-winning home for Sophos Support videos! - Visit Sophos Techvids
Quote