Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

SMA410 - MFA Options

JB_UKJB_UK Newbie ✭
in Secure Mobile Access Appliances

Hi,

We've been happily using SMS OTP on our SMA for some time now but we'd like to offer the option of the mobile app to users. Can someone tell me how we can do this without breaking the existing SMS OTP?


I've found this:

https://www.sonicwall.com/support/knowledge-base/totp-configuration-user-discretion-in-sma-100-series/190126211359131/

..but it's not quite what we're doing. Worth mentioning that there will be some new users and some existing (already using SMS OTP).


Thanks in advance.

Category: Secure Mobile Access Appliances
Reply

Answers

  • NatNat Newbie

    User level setting will override domain setting. You can create new group/user then follow step 2 from kb.

    Then those new users can use email or totp for otp.

    Or you can enable all the options on domain settings. It should work on any OTP method.

    Except mobile connect on IOS/android, it only use the "Prefer" otp.

    image.png
    image.png


  • JB_UKJB_UK Newbie ✭

    My issue is, I don't want users to receive a choice. I want a subset of users in the same Domain to use MFA via the app rather than being given a choice. We have several hundred users and any new options will confuse them and result with t he support desk being flooded!

    I realise I could set the option on the user rather than the group, but I as far as I know this is only possible after they've initially logged in (fine for existing, but not ideal for new users).

    There has to be a more elegant way of achieving this...

Sign In or Register to comment.