Sophos UTM9 - MFA Loop

Question

Hello Sophos Community, I have a problem with the Sophos UTM 9 firewall and the setup with MFA. 
 Key data: 
 - Sophis UTM 9 (SG230) - version: 9.713-19 
 - The OTP setting under Authentication Services is enabled 
 - Only one user was added for the test 
 - The setting Auto-create OTP tokens for users is set 
 - OTP is enabled for User Portal and SSL VPN 
 When the user logs into the portal (username+password), the prompt to scan the QR code appears in the next window. After scanning and clicking on the Continue with login button, I land again on the user portal and am asked to enter my login data again. I enter username+password again and attach the MFA code behind the password. 
 After logging in, I am asked to scan the QR code again. And now I'm in a loop. The problem also occurs when I log in with just a username+password or just append random numbers to the password. 
 In the WebAdmin portal, however, I can see under OTP token that the key for the user has been created automatically. I've already restarted the firewall and installed the latest firmware but unfortunately no improvement. Do you have another idea? 
 Kind regards 
 Kevin

Raphael Alganes · Accepted Answer

Hello, 
 Good day and Thanks for sharing these details. 
 please check SHA settings on under OTP if it is 265 or 512 and if Google Authenticator support such hash algorithm or falling back to SHA1, then try to change in UTM by changing SHA settings to match authenticator hash algorithm. 
 alike community thread reference that you can also refer to: 
 - Sophos SG UTM: OTP QR Code doesn't work 
 - RE: Users cannot login with OTP 
 Hope this helps. Kindly let us know how it goes. Thanks for your time and patience and thank you for choosing Sophos.

Sophos UTM9 - MFA Loop

Top Replies