Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
CheckPointerXL
Advisor
Advisor

2FA: Username/Password + Certificate for SNX Users

Hi all, 

our customer wanna improve 2FA authentication for his users connected from SNX.

Is this possible?

Following sk86240 it seems possible, but i'm not sure if that's possible through GuiDBedit Tool like described. 

 

Thank you

 

0 Kudos
4 Replies
G_W_Albrecht
Legend Legend
Legend

Please note that sk86240 is outdated as the most recent supported version in R77.30 ! This depends - Legacy SNX (no Mobile Access Portal / Blade enabled) can not use 2FA, see sk111583: Mobile Access and VPN clients supporting Multiple Login Options and  Mobile Access R80.10 Administration Guide

 

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
CheckPointerXL
Advisor
Advisor

Thank you for the reply Albrecht

MAB is enabled, what is not clear to me is: Certificate+Username/passwd means AND or OR ?

Cattura.JPG

last question, is possible to set a maximum number of login attempts in case only Username/Passwd is enabled?

 

thanks!

0 Kudos
CheckPointerXL
Advisor
Advisor

TAC answered me about second question:

 


There's not currently a built in feature to reject connections after a certain number of failed login attempts for local users. However, if you're using LDAP users this can be configured on the Active Directory to lock the account after a certain number of failed attempts. Please let us know if you have any more questions or concerns regarding this issue. 

 

hope this helps

0 Kudos
G_W_Albrecht
Legend Legend
Legend

Means AND - 2FA.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events