Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 1 reply
  • Answers 1 answer
  • Subscribers 26 subscribers
  • Views 1449 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos SFOS 18.5.2 - How to get MFA QR code

Dennis Groppe

Good morning,

We updated all of our XG-firewalls to 18.5 MR2 two weeks ago. Now, I have to configure a new SSLVPN-User with MFA authentification.

I already read here:

https://community.sophos.com/sophos-xg-firewall/f/discussions/131468/sophos-firewall-v18-5-mr2-feedback-and-experiences/484223#484223

https://community.sophos.com/sophos-xg-firewall/f/discussions/132248/view-users-otp-code-missing-since-firmware-upgrade-to-18-5-2

community.sophos.com/.../i-cannot-find-the-qr-code-for-otp-in-the-user-portal

But I'm sorry, I don't understand what the right approach is. We are using soft- and hardware tokens as well. So we created the secrets manually.

So I created a new token for a user. He should use an authentificator app, for which I now need a QR-code.

By default, we had MFA activated for the user portal. With this, I have no chance to get in there with the new MFA-user. So I deactivated MFA for logging in to the user portal.  But then, I do not find any possibility to view a QR-code for my authenticator app. Where do I find this QR-code in user portal? Do I have to activate a specific option, to get this option in the user portal?

What I also tried is to create the MFA-user entry and the deactivate it, but then I still do not get into the user portal. Can some one please describe in more details how to obtain a MFA QR-code since SFOS 18.5.2?

Any help is highly appreciated, thank you!



This thread was automatically locked due to age.
  • 0

    Ok, now I found out what to do, sorry for that stupid question.

    If I have a hardware token, I should use the button to add the secret manually. Afterwards I can use it imidiately.

    If I want to get a software token for a new user, I MUST activate "Generate OTP token with next sign-in". When my new user now enters user portal the next time, the auto-generated qr-code is presented, as it has been described in the other threads.

    My fallacy was that I generated the secrets "manually" before (for let's say historical reasons) and mistakenly wanted to create the software token by the new "Add token"-button.

Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?