Configuring MFA with OTP
A One-Time Passcode (OTP) verifies identity by prompting the user for a code known only to the person who holds the registered Authenticator App.
To enable MFA with the OTP App, you need to create a new Radius Policy.
Step 1 - Create a new Radius Policy
- Navigate to Policy in the top panel
- In the left window, click on Radius Policy
- Click on Tasks and select Create
- Enter a Name for the Radius Policy
- Under the Conditions section, select the criteria to match on
- Click Add
- Scroll down to the Policy Section
- Set Access Policy to 'Continue' (this allows for the MFA challenge)
- Set 2-Step Authentication to 'OTP'
- Click Create
Note
Status can be left in 'Disabled' mode until you are ready to test.
Note
In order for MFA using OTP to function, ensure the OTP App is installed on your mobile device.
Step 2 - Test / Validate
- Connect using the Genian ZTNA Connection Manager
- Right-click on the tray icon
- Select Network Access and then the site name to connect
- Sign in with user ID/password
- An 'OTP' window should display
- Click 'Confirm' to begin the process to issue a new security key
- On the next page, select the 'QR-Code' option and click 'Generate Security Key'
- On your mobile device, open the Authenticator App and click the + sign
- Scan the QR Code that was generated in the previous step
- On the next page, enter the 6-digit code displayed in the Authenticator App
- If the code is correct, the ZTNA Connection Manager should update to show that you are now connected