SSL VPN Multifactor Authentication

Hi Jeff Duvall,

Thank you for reaching out to Sophos Community.

You can enable Two-factor authentication by configuring the OTP service on Sophos Firewall.

Click here to get more information on 'Configuring two-factor authentication'.

Jeff, how helpful is your link if it takes you to a generalized help page? You would expect something more useful from your team. I am also looking to implement MFA for my VPN users using local database for authentication

the link looks OK but it's not working. true.

thy this one

https://docs.sophos.com/nsg/sophos-firewall/18.0/Help/en-us/webhelp/onlinehelp/nsg/sfos/learningContent/AuthenticationConfigureTwoFactorAuthentication.html

We're about to do the same shortly. Hope it really helps :-)

We use DUO MFA.

I did a write up of it here: https://community.sophos.com/sophos-xg-firewall/f/recommended-reads/124501/3-ways-to-setup-xg-18-with-duo-2fa

Integrates with AD and you can use it for any XG authentication.

DUO costs about £30/user/year (you can get it free for 10 users). We use it to to secure a lot of services - access to servers, websites, network equipment etc.