If you have two factor auth on the portal and the gateway without using the cookie or passing the auth from the portal to the gateway will it ask you to authenticate twice?
Makes sense that it would, but I can pass the authentication if I choose the cookie option can't I? I be that is what the native clients are not getting the routing information from the gateway cause they are only asked to authenticate once
Hi @jdprovine, hope you are well...
I dont think, in fact im pretty sure that native clients do not use the portal, they connect directly to the gateway.
so either i have got that wrong or you are having some other issues with routing info...
hope you are doing well too....
Well I had never thought of that, interesting. Do you know the technical reason why? Seems like if it went to the gateway it should get the route information
Not really a technical answer, but IPSec deployments are never implemented the same across devices. The firewall will only send route infromation in a certain manner, whether the end-device has been programmed to accept the route as given is a different story. Most vendors won't take the time to implement every single possible method and don't generally keep up with the changes made throughout all the different implementations. This is why VPN clients are offered; they can ensure that they are both passing/expecting the proper information.
I'm fairly positive that @MickBall is correct in the fact that native clients do not utilize the portal in the connection process.
ooer... this could get confusing...
for native clients, just the gateway but if you have GP clients then you will also need it on the portal.
having it on both without cookie.... well it's an OTP so it cannot be used again for the gateway, thats why the authentication overide (cookie stuff)is there
So about these cookies .....
In all seriousness in your situation @jdprovine I would really recommend that you keep OTP on both and then just enable authentication override so that users don't have to enter the OTP twice.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!