Sophos Firewall Instructions for configuring 2 Factor Authentication for Client to site SSL VPN

1 overview

The article shows you how to enable 2-factor authentication for SSL VPN connections.

2 Steps to take

  • 2.1 Enable Multifactor Authentication
  • 2.2 Get 2 Factor Authentication code
  • 2.3 Enable 2 Factor on user account and get VPN configuration file
  • 2.4 Access VPN on user’s machine
  • 2.5 Token Code Management

2.1 Enable Multifactor Authentication

At Sophos Firewall, go to Authentication > Multi-factor authentication

One-time password: Select Specific users and groups if you want to enable 2 Factor Authentication for the specified user or group. Select All users if you want to enable 2 Factor Authentication for all users.

OTP required for these users and groups: If we select Specific users and groups, we will specify a specific user or group here (if you want to configure the admin user, go to Administrator > Device access).

Generate OTP token with next sign-in: select enable.

Require MFA for: check SSL VPN remote access to apply for SSL VPN remote access

Then click Apply to apply the configuration.

2.2 Get 2 Factor Authentication code

At the user machine

Access the user portal page, log in with the user account that applied 2 factors in the previous step.

The Portal page appears with the following QR code.

Use Google authentication software on your phone to import the above QR code, you will receive a Token Code to log in

2.3 Enable 2 Factor on the user account and get the VPN configuration file

At the user machine, go to the User portal page.

Fill in the information

Username: Log in with the account that added 2 Factor.

Password: Password + Token Code (for example, password is abc, token code is 12345, enter abc12345)

After logging in with the QR code will not appear again. From the next time, the user who wants to log in will need to enter the password + token code as above.

The portal page appears, go to VPN

Sophos connect client: Download Sophos VPN access software Sophos connect to your computer to install.

VPN configuration: Choose to download the config file for your computer or mobile device.

2.4 Access VPN on user’s machine

Tạ At the user machine, install Sophos Connect. After installation is complete, open sophos connect and select Import connection to add the downloaded configuration file.

Select Connect.

Enter account information

UserName: account name.

Password: password + token code (eg: password is abc, token code is 12345, then enter abc12345)

Select Sign in to log in

2.5 Token Code Management

To manage activated tokens. Go to Authentication > Multifactor Authentication > Issued Token

Be the first to comment

Leave a Reply

Your email address will not be published.


This site uses Akismet to reduce spam. Learn how your comment data is processed.