• Hide MFA QR Code

    J.Janssens
    J.Janssens
    I make an attempt at posting the most trivial question on these forums ever: where is the option hidden to hide the 2FA QR code after a successful logon? On SGs this is under Management/User Portal/Disable Portal Items, but I really can't find it on XGs…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • 2FA for SSL VPN XG 125 firewall

    Gurtej Singh1
    Gurtej Singh1
    Hi Team, I am trying to setup 2FA authentication in SSL VPN for all remote users to make VPN more secure and i have XG 125 Firewall. Please help
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • SSL VPN Multifactor Authentication

    Jeff Duvall
    Jeff Duvall
    I have been trying to find out how to set up multifactor authentication with SSL VPN clients. Currently, our users provide the AD credentials and are able to authenticate but recently we have been tasked with added the MFA as well. Is the Microsoft Authenticator…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • SSL VPN client unable to authenticate with OTP

    Service TAG
    Service TAG
    We have Sophos XG125 firewall with the current firmware SFOS 18.0.5 MR-5-Build586. Users have been imported from on-prem AD and are currently using L2TP VPN to connect remotely. The goal is to switch them to more secure SSL VPN with OTP (one-time password…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Google Authenticator Doesn't Like %3D

    Joshua Smith4
    Joshua Smith4
    We are setting up a new MFA VPN in our organization, and many people in the company already use Google Authenticator, so we'd like them to be able to use that. However, authenticator reports that the data in the QR code is invalid. (It accepts the code…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • SSL VPN & MFA App Design

    Jason Bristow
    Jason Bristow
    Can you please improve the SSL VPN client. It's very challenging to use it when storing MFA codes in a Password Manager and we get a lot of complaints about it. For example, if you open the client and then enter your username then go over to your password…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Multifactor authentication on linux

    jjoaovini
    jjoaovini
    The VPN I want to connect requires MFA. I have my ovpn file, and I connect through openvpn. when authenticating, I type the <user> <password><one time passcode> appears that is connected, but I can't access the site I wanted.
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • OTP with Active Directory Groups and Backend Memebership

    OlvrKl
    OlvrKl
    Hi everyone, this is my first time here, so be patient with me :) Sophos Support and our Partner couldn't help me with my questions and pointed me to the Community. I'm certain one might helpt me. I would like to implement OTP on an XG Firewall…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • SSL VPN cannot reconnect with OTP

    Alan Panec
    Alan Panec
    Hi I am using SSL VPN with OTP token and it seems like its not able to automatically reconnect after short connection loss for example. Clients have to manually reconnect using new OTP after each disconnect. This is very annoying for mobile users. I…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Two Factor Authentication Disconnects

    Alan Spark
    Alan Spark
    Since enabling two factor authentication on our XG 135 running SFOS 18.0.4 MR-4 we have been getting disconnected from the VPN after a period of time. It seems to be around 4 hours on IPsec and around 8 hours on SSL VPN. We were not aware of this before…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • send a SMS message with OTP

    Indunil Jayasooriya
    Indunil Jayasooriya
    We have setup SSL VPN with OTP. We use Sophos Authenticator as Mobile App. We can login successfully. Everything works well. Now, We have a requirement to send a SMS message with OTP . Is it possible to add SMS feature with OTP?
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • OTP FAIL EVERY 30 DAYS

    Christian Garcia N
    Christian Garcia N
    Good morning. I have activated the OTP in an XG XG330 and every 20-30 days I have to reset the QR code as it starts to fail, people cannot connect to the VPN or access the user portal until I delete them and recreate the QR code, once it is reconfigured…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • XG user portal OTP tokens issue

    Eisenwerk Brühl GmbH
    Eisenwerk Brühl GmbH
    SFOS 18.0.4 MR-4 We are using the user portal with 2FA. Today we found out that some users can see their QR-code, others not. Is there a reason why? Both user have the same user-rights on the XG: Tested with different browsers and different users…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Two Factor Authentication Issue

    Alan Spark
    Alan Spark
    We have an XG 135 running firmware SFOS 18.0.4 MR-4. Recently we have been testing two factor authentication, with the automatically generated 30 second keys. This has been working for a few people. Today we had the idea to increase the key timeout…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Why doesn't the XG SSL-VPN client recognise a 3rd Party 2FA Authentication Confirmation?

    Andy Hanson
    Andy Hanson
    When you ask the user to authenticate with an additional RADIUS server, directed at a 3rd party solution (for example SecurEnvoy, Swivel, Vasco), and the user strongly authenticates (ie username and password+passcode) which is acknowledged by the 3rd…
    • over 6 years ago
    • Sophos Firewall
    • Discussions
  • 2 Factor authentication for SSL VPN users

    itguy318
    itguy318
    Would it be possible to setup 2 Factor Authentication only for SSL VPN users alone while connecting from remote to LAN. I dont want LAN users to use that facility. Do i need to have a RADIUS server for 2 factor authentication. I was thinking if XG can…
    • Answered
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • Sophos NextG Web Application Firewall for Exchange with Multi-Factor Authentication (MFA)

    John Craparotta
    John Craparotta
    Hi All, Due to EOL with Sophos UTM 9, We recently upgrade to Sophos Next Gen Firewall. We used to have a feature with Sophos UTM that allow to enabled OTP / Multi-Factor Authentication on Web Application Firewall or Web Application Proxy for second…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Sophos Zero Trust

    briesa0
    briesa0
    Hi I was wondering if with zero trust can be done for devices on the network, using yubikey (with fingerprint) (something you have something you are) to log in. Also with xg (with added password) (something you know...alongside sophos apps like intercept…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Limit Reconnect Attempts for SSL-VPN

    IT Support152
    IT Support152
    Is there a way to suppress reconnect attempts (or limit them, to say, 3) for the SSL-VPN client on XG? We're getting DUO MFA lockouts from users who don't disconnect at the end of the day. SSL-MFA attempts to reconnect after a timeout, and then attempts…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • skip multi factor from specific ip

    lior me
    lior me
    hi is it possible to skip multi factor and capcha from specific ip?
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • OTP Default token timestep

    @wajdiaa
    @wajdiaa
    I've tested a couple of XG 18.04 and obtained the same results: When the timestep in seconds is changed for example from 30 to 60 seconds, 2FA stops validating even though I rescan the QR to update the token info. Switching back to the default 30 seconds…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • RADIUS MFA and VPN

    Christian136
    Christian136
    Hey, we set up a RADIUS Server for MFA login with a OTP token. If i put the Radius Server to User Portal login, i type in my AD credentials and in the next step the access challenge comes up for the OTP token. Everything is fine. But this is not working…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • OTP Issue

    Daniel O'Farrell
    Daniel O'Farrell
    We have recently setup AD and added a number of users into our Sophos XG. I know would like to configure OTP - this was straight forward but when a user first sets up their OTP and Sophos authenticator they end up being asked to do the same thing over…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG210 MR4 OTP Token with AD authentication - error 17705 and 17711

    Stephan Bückert
    Stephan Bückert
    Dear community, i got some problems with Sophos XG210 MR4. I created a new AD user for testing, activated OTP and assigned the testuser to it. I got a new hardware token i integratet and assigned to the testuser. Now i done some testing, testuser…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • MacOS SSL VPN OTP in separate field

    Wimar Aswan
    Wimar Aswan
    When using MacOS and connecting via Sophos SSL VPN and OTP, is there a client that have the OTP as a separate field instead of adding the OTP to the end of the password? Unfortunately Sophos Connect v2 is not out yet for MacOS and I've tried using Tunnelblick…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
<>