SSL VPN - 2FA - two units - Google Authenticator code
we have two unit in HA.
we have VPN SSL with 2 FA.
I've my smartphone with Google Authenticator.
I've an entry code for active unit (I see serial number of the unit).
If units switch (failover) I must regenerete Google Authenticator code ?
Unit have self signed certificate.
May I have only one code using a public certificate on SonicWALL NSA ?
Category: SSL VPN
0
Answers
hi @Alberto
Since your firewall configured as HA, it should work.
There was a bug about the same issue and Sonicwall has been fixed.
In HA if you enable the sync including the certificate/keys, your public certificate will work without any issue.
actually we have 6600-6_5_4_7-83n.
can you give me more information about the issue ? numer of issue ?
we have checked: Include Certificates/Keys but we use autogenerate certificate on nsa
we have been received the Hotfix firmware 6.5.4.6-79n-HF208918.
I recommend you have to contact Sonicwall Support for the hot fix firmware according to your Firewall model.
Hi @Alberto
Seems like this was a bug on 6.5.4.7-83n firmware and it was fixed on 6.5.4.8-89n, I would request you to take a backup of the settings and upgrade the firmware on the firewall to the latest one 6.5.4.10-95n as the TOTP should work fine even on a HA failover without any rebinds.
Regards,
Arjuna