Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

How to reset a users OTP pairing with authenticator

ChrisWheeler8700ChrisWheeler8700 Newbie ✭
in SSL VPN

User bought new phone, but when she logs into account on Sonicawall it asks for her old OTP code and does not provide a way to create a new one to override the old one. How do I "clear" her old one so she can create a new one?

Category: SSL VPN
Reply
Tagged:

Best Answers

  • CORRECT ANSWER
    prestonpreston All-Knowing Sage ✭✭✭✭
    edited November 2020 Answer ✓
    Hi @ChrisWheeler8700, edit the local user entry on the sonicwall there should be an option to unbind the otp,then get the user to login to the virtual office page and re-scan new otp.

    if the former isn't an option and the user is an LDAP user ( this is presuming that you enabled OTP for the AD group in the local user group which is being used for SSL VPN), delete the user from the local users menu and get them to re-login via the virtual office page and re-scan the new QR code,
    this will then re-add the local user to the local users database
  • CORRECT ANSWER
    SaravananSaravanan Moderator
    Answer ✓

    Hi @CHRISWHEELER8700,

    Thank you for visiting SonicWall Community.

    Could you please confirm if you are using OTP via email or TOTP options for OTP method of the user account?

    If you are using TOTP, then you should be able to unbind the previous key using the option UNBIND TOTP KEY, save the changes. Please ask the user to try the 2FA once and she can get a new code.

    OTP_TOTP.JPG

    Keep us informed for any questions. Have a good day!!!

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

Answers

  • [Deleted User][Deleted User] Cybersecurity Overlord ✭✭✭

    Hi @ChrisWheeler8700 ,

    Has your question been resolved?

    Thank you

  • ExecutechITExecutechIT Newbie ✭

    I am having a very similar issue with the user getting a new phone. I have done as instructed here and unbound the TOTP but the user is still being forced to give a code. The user and the 2FA requirement is pushed through AD.

  • ChrisWheeler8700ChrisWheeler8700 Newbie ✭

    After trying a few things suggested, I ended up having to delete the user and re-import them from AD to allow the user to create a new pairing. If I had turned on OTP on a per user basis instead of to the group, then I may have been able to do more but as I have it configured, they must be deleted and imported again to get back to where they need to be.

  • NuFinisNuFinis Newbie ✭
    https://community.sonicwall.com/technology-and-support/discussion/comment/7123#Comment_7123

    I found you don't have to enter the code after scanning the QRcode. If it creates your account, just go directly to try logging into VPN

  • mantis2kmantis2k Newbie ✭

    So Sonicwall support, is this considered a known bug? We have an similar issue, after the user logs into the sslvpn portal and enters their 2FA Code, there is a link presented to Unbind TOTP Code. However, when clicking the link an Undefined Error message pops up.

Sign In or Register to comment.