One-time Password & Client-to-gateway VPN

Active One-time password service on UTM

  • Go to Admin Console as an administrator
  • Definitions & User > Authentication Services > One-time Password > ON1
  • In Authentication Settings: Choose application/users that want to be protected by OTP.
    Timestep Settings: should be the default 30s

Get your OTP passcode

  • Log in to the User Portal, with user was allowed to use OTP.
    After login successful, it will show you a Token for OTP
  • In this case, I use an app on Android devices, go Playstore and find Google Authenticator.
    You should use your Google Authenticator to scan barcode which appeared in the step above.4
  • This passcode will be auto changed after every 30s, no one else can know what it is next unless you reveal your token for them.
  • Authenticator tools are supported on Windows, iOS… just google for that.

Configuring SSL client-to-site on Sophos UTM

Download and setup SSL client

  • Now, using your old username & new password to log in to User Portal
  • New password = old password  + passcode
    Example: my old pass is “Admin123@”, passcode is “667770”, new password will be “Admin123@667770″
  • Download and setup SSL client.
  • Remember that ssl vpn authentication must have OTP passcode which is from your Authenticator.

Thanks for your Reading!



Be the first to comment

Leave a Reply