Block authentication method change

stich86 — Thu, 14 Jan 2021 15:51:26 GMT

Hi guys,

we need to block the authentication method change on the client side.

Is it possible? The problem is related to Machine Authentication. We had to create a "Standard 2" login that is without Dynamic ID to make it works. But if someone found this "tricks" will bypass simple username+password+dynamicid solution.

The major problem is that we need to give VPN access also to 3rd party users, so we need the DynamicID and cannot do MA for 3rd party

Thanks!

Re: Block authentication method change

PhoneBoy — Fri, 15 Jan 2021 05:40:12 GMT

I would think you could set up the access roles and such that they could still authenticate but would not be able to access any of their resources unless they did Machine Authentication.
Don’t believe you can disable changing the authentication method on the client side short of using a different firewall for third party access.

topic Block authentication method change in SASE and Remote Access

Block authentication method change

Re: Block authentication method change