Future Consideration 2FA for VPN
Good morning from the not so sunny UK!
We have several ER7206 (and a few ER605) based at different clients sites, and we would like to have the ability to add 2 factor authentication to the VPN setup please. This feature nowadays is a must have for cyber assurance purposes, so it seems daft to have to implement another VPN solution when you have 99% of it already built into the router. It's just missing that last option!
Even the OpenVPN server built into the ER7206 doesn't appear to have the option for 2FA, and to my knowledge this is standard option for the OpenVPN server.
This router fulfills all of our requirements and the Omada ecosystem as a whole is fantastic, it's just this one drawback!
Many thanks.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Thanks for posting in our business forum.
bambinotenchie wrote
This feature is a MUST-HAVE since it is common nowadays.
May I know what vendors have implemented this?
- Copy Link
- Report Inappropriate Content
@Clive_A For now, our company is using 2FA for Fortinet VPN, 2FA in our Cisco router and 2FA in our H3C router. I have been thinking that even logging in to the console and web console of the TP-Link should be able to use 2FA. But, maybe this can be gradually implement in the future.
- Copy Link
- Report Inappropriate Content
but none of them have built-in 2fa, 2fa is managed on an external radius server, you can do the same with Omada routers if you use SSL VPN, I agree that it would have been cool to have 2fa on Omada's radius server once in the future :-)
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Literally REQUIRED by compliance rules in many cases. Expected basic functionality at this point for years now. We really do need this. I honestly thought this existed already.
- Copy Link
- Report Inappropriate Content
@Clive_A Fortinet, SonicWall, OPNSense, PFSense, Meraki, they all pretty much have this functionality implemented now...
- Copy Link
- Report Inappropriate Content
Hi @utilsvcllc
Thanks for posting in our business forum.
utilsvcllc wrote
@Clive_A Fortinet, SonicWall, OPNSense, PFSense, Meraki, they all pretty much have this functionality implemented now...
Except for the PF and OPN.
F, S and M, do they support 2FA for all VPN types?
I reviewed the original request that he requests 2FA for OVPN. Do you see an implementation on the other types of VPN except for the SSL VPN?
Would be great if you have some links for me so as to add them to the report.
- Copy Link
- Report Inappropriate Content
@Clive_A I know they all have some type of MFA for access type VPNs, IKE tunnels they probably don't, since I don't think IKE/IKEv2 can even do that by protocol.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 11
Views: 1851
Replies: 32