https://community.checkpoint.com/t5/SASE-and-Remote-Access/2FA-as-a-secondary-authentication-in-Mobile-Access/m-p/82265#M10649 <P>Hi,&nbsp;<BR /><BR />I have configured mobile access on my CP Gateway. I want the primary authentication for the SSL VPN users to be locally created 'Username and Password' on the Checkpoint GW and the secondary authentication to be 2FA (For eg. Duo). So, there will be 2 authentication factors 'Username and Password' and 'Radius'. Has anyone tried this?<BR /><BR />For this, I have configured Multiple authentications on Mobile Access &gt; Authentication. Please refer to the attached screenshot.<BR /><BR />If the primary authentication was through Radius Server or AD, then it won't be a problem as I only have to select my Authentication method on Mobile Access as 'Radius' and my 2FA (Duo) would handle AD or Radius authentication and once verified, it generates a token or sends a push notification.</P> Fri, 17 Apr 2020 17:15:00 GMT Nischit 2020-04-17T17:15:00Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/2FA-as-a-secondary-authentication-in-Mobile-Access/m-p/82265#M10649 <P>Hi,&nbsp;<BR /><BR />I have configured mobile access on my CP Gateway. I want the primary authentication for the SSL VPN users to be locally created 'Username and Password' on the Checkpoint GW and the secondary authentication to be 2FA (For eg. Duo). So, there will be 2 authentication factors 'Username and Password' and 'Radius'. Has anyone tried this?<BR /><BR />For this, I have configured Multiple authentications on Mobile Access &gt; Authentication. Please refer to the attached screenshot.<BR /><BR />If the primary authentication was through Radius Server or AD, then it won't be a problem as I only have to select my Authentication method on Mobile Access as 'Radius' and my 2FA (Duo) would handle AD or Radius authentication and once verified, it generates a token or sends a push notification.</P> Fri, 17 Apr 2020 17:15:00 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/2FA-as-a-secondary-authentication-in-Mobile-Access/m-p/82265#M10649 Nischit 2020-04-17T17:15:00Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/2FA-as-a-secondary-authentication-in-Mobile-Access/m-p/82409#M10650 That should generally be supported.<BR />See: <A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk86240" target="_blank">https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk86240</A> Mon, 20 Apr 2020 00:48:23 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/2FA-as-a-secondary-authentication-in-Mobile-Access/m-p/82409#M10650 PhoneBoy 2020-04-20T00:48:23Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/2FA-as-a-secondary-authentication-in-Mobile-Access/m-p/82492#M10651 <P>Hi,&nbsp;<BR /><BR />Thank you for the response.&nbsp;<BR /><BR />I will follow this SK.&nbsp;</P> Mon, 20 Apr 2020 14:38:11 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/2FA-as-a-secondary-authentication-in-Mobile-Access/m-p/82492#M10651 Nischit 2020-04-20T14:38:11Z