https://community.checkpoint.com/t5/SASE-and-Remote-Access/Two-Factor-Authentication-Dynamic-ID/m-p/90022#M10228 Why you mention the receiver's mail in the telephone tab?<BR /><BR />I think if this LDAP configuration is OK for you, the script in CP should be something like mail:TO=$PHONE;SSL_REQUIRED... Mon, 29 Jun 2020 07:17:48 GMT MartinTzvetanov 2020-06-29T07:17:48Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/Two-Factor-Authentication-Dynamic-ID/m-p/89805#M10227 <P>Hi,</P><P>I need to enable two-factor authentication with Dynamic ID for VPN clients using Checkpoint Mobile. I need the dynamic ID to be sent via email. I have already configured it according to the admin guide using Google SMTP (With and without authentication), But unfortunately, I always get an error on the client as "User Authenticated by Firewall - Dynamic ID sending Failure".</P><P>The script I have used is as follows,</P><P>mail:TO=$EMAIL;SSL_REQUIRED;SMTPSERVER=smtp://lahiru@abc.com:*password*****@smtp.gmail.com;FROM=lahiru@abc.com;BODY=$RAWMESSAGE</P><P>Also, I am using LDAP and I have mentioned the receiver's email address in the "Telephone" tab.</P><P>Can someone please help me troubleshoot this or provide any mechanism to achieve this.&nbsp;</P><P>Thank you</P> Thu, 25 Jun 2020 13:36:55 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/Two-Factor-Authentication-Dynamic-ID/m-p/89805#M10227 lahiru13m 2020-06-25T13:36:55Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/Two-Factor-Authentication-Dynamic-ID/m-p/90022#M10228 Why you mention the receiver's mail in the telephone tab?<BR /><BR />I think if this LDAP configuration is OK for you, the script in CP should be something like mail:TO=$PHONE;SSL_REQUIRED... Mon, 29 Jun 2020 07:17:48 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/Two-Factor-Authentication-Dynamic-ID/m-p/90022#M10228 MartinTzvetanov 2020-06-29T07:17:48Z