I'm wondering if NetExtender is the best/only solution to work? So, I logged into the SSL Client portal, setup TOTP using Google Authenticator, and then downloaded the NetExtender client. When I started testing this, I realized that if I have the IPSEC setup with the SGVC, then it does not enforce MFA, and I can just log in using my AD credentials. I figure that TOTP MFA is better than email OTP, as email is easier to hack. I have a test lab with a TZ370, that does LDAPS authentication to AD. I recently realized that I really need to setup MFA. I've played with NetExtender, and Mobile Connect, but really have just used Mobile Connect on Mac computers. I tend to prefer IPSEC vs SSL VPN, and not really sure why other than that is the way I've always done it. So, I've always used SGVC for my windows users, and don't deal with too many Mac users.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |