Push Notification with MFA

Hi all,

I have a question regarding Mobile VPN with SSL client.
I managed to configured MFA with azure and Radius, but for the moment i have to give in the one time password in the app.
is it possible to make use of Push Notification instead of one time password ? i notice if i search for it i find post about the own watchguard solution AuthPoint , is it only possible with AuthPoint ?

thanks in advance for helping me out with this one.

Regards

Comments

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @Wesley If you are using RADIUS, you can require OTP or push, but not both. There's no way to make that distinction with RADIUS.

    -James Carson
    WatchGuard Customer Support

  • The nps extension uses now OTP as default, because Microsoft enabled the number matching to the Authenticator app authentication….

    Are you using the Azure Security Default settings or Conditional Access Policies in Azure AD?

    If Security Default then try to add following registry key in the NPS machine:

    Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AzureMfa
    Key type: String
    Key name: OVERRIDE_NUMBER_MATCHING_WITH_OTP
    Key value: FALSE
    Restart the NPS Service.

    https://petri.com/m365-changelog-authenticator-number-matching-to-be-enabled-for-all-microsoft-authenticator-users/

    if you have “Require multifactor authentication for all users” Conditional Access Policy you shouldn’t need this registry key…

Sign In to comment.