Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
chethan_m
Collaborator
Jump to solution

Issues with Remote Access VPN with SMS Multifactor Factor Authentication - Dynamic ID

Hi Everyone,

 

One of our customers recently updated their RAVPN Authentication settings. Now they want to enforce MFA with SMS for all the users.

The customer's SMS gateway provided have shared their API, but it doesn't seem to trigger an SMS.

 

I have checked the configuration against the resources and found everything to be in place:

  •  On SmartConsole, VPN client's authentication settings is updated not to allow older clients to connect. 2FA authentication with SMS is selected.
  • On SmartDashboard, the DynamicID is enabled too to mandatorily enforce DynamicID to log in.
  • The SMS Gateway provider settings (string) and credentials (username, password, and API Key) is updated accordingly.
  • The "$CPDIR/conf/dynamic_id_users_info.lst" file is updated with username and phone numbers.

 

The VPN client fetches the list of phone numbers configured and shows a prompt: "Please enter the number that matches your DynamicID Target", but no SMS is received. 

 

Should I check this with SMS Gateway provider? or there are any diagnosis commands to prove that the SMS request is triggered towards the SMS gateway? 

Attached the image for reference.

 

Thank you

0 Kudos
1 Solution

Accepted Solutions
chethan_m
Collaborator

After lot of discussions and TAC cases with the SMS Gateway provider we were able to resolve the issue. 

The issue was with the API string that they provided to us. We received the corrected variables/placeholders for the OTP and phone number.

View solution in original post

0 Kudos
2 Replies
PhoneBoy
Admin
Admin

I believe the command that sends the SMS is: $CVPNDIR/bin/sendsms
It's a shell script, which I assume can be reviewed for possible debug points.

0 Kudos
chethan_m
Collaborator

After lot of discussions and TAC cases with the SMS Gateway provider we were able to resolve the issue. 

The issue was with the API string that they provided to us. We received the corrected variables/placeholders for the OTP and phone number.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events