2FA on VPN?
![[Deleted User]](https://us.v-cdn.net/6031761/uploads/defaultavatar/n29VP08P5C5ND.jpg)
[Deleted User]
Cybersecurity Overlord ✭✭✭
Hi,
Does anyone know if it is possible for users logging into global VPN client to use 2FA?
Best Answer
-
CORRECT ANSWER
MikeV
Newbie ✭
The key thing is which system: SMA 100 or SMA 1000?
We support 2FA on the client side on both systems – implemented entirely differently.
On the SMA 1000 there is a way to change the port, but it is not intended to be done. It requires a CEM configuration and has been supported since 12.2 firmware. This is a global change – so will affect all users if changed.
Where you put the IP address or FQDN of the SMA just add :<port number>. Make sure the firewall protecting the SMA allows that port.
See the attached screen shot of Connect tunnel. The second screen shot is the CEM configured on an SMA 7200 running 12.3 and using port 4433.
On the SMA 100 the port can be changed, in 10.0 firmware. I am not sure you could do it before that. Under System > Administration
5
