Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Meraki VPN Client MFA authentication via text code

hmc25000
Getting noticed
‎Jul 6 2021 12:37 PM
‎Jul 6 2021 12:37 PM

Meraki VPN Client MFA authentication via text code

Is there a way to configure VPN client connections with MFA text code rather then notifications through the app? This might be a windows thing but figured I would ask if someone got it to work. 

 

MY second question is what is the timeout setting for authentication on the Meraki MX? We have not increased the timeout settings for the Meraki VPN policy in the radius server settings yet. Not sure if anyone has done this.

0 Kudos
Subscribe
2 Replies 2
Bruce
Kind of a big deal
‎Jul 6 2021 3:08 PM
‎Jul 6 2021 3:08 PM

Sending a text code for authentication would need to be something that the RADIUS server does. You’d need a RADIUS server that does this, or that can do push requests to an app installed on a smart phone (something like Duo, but there are others too).

 

With regards to RADIUS timers, there isn’t an option in the Dashboard to configure them for the VPN client. If you need to change them the you’ll probably need to reach out to support.

Subscribe
In response to Bruce
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jul 6 2021 5:36 PM
‎Jul 6 2021 5:36 PM

@Bruce is right.  You'll need Meraki support to extend the timer for you.

If you are using the newer AnyConnect client you can configure this in the client profile yourself.

 

I'm not aware of any systems that support TXT messages.  Note that TXTing of codes is not generally considered secure, especially in countries like the USA with poor TXT security standards (security costs money and Telco's in the USA don't seem interested in spending on customer security).

https://www.techrepublic.com/article/top-5-reasons-not-to-use-sms-for-multi-factor-authentication/ 

 

As Bruce alludes to, you'll need to use a system that supports push notifications like Cisco Duo.

 

Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.