MFA Configurations for VPN Services

single connect mfa can be used as a 3rd party mfa server for all applications, devices, vpns, etc that support radius authentication two options are available for mfa server support both the first authentication (with username and password) and the secondary authentication (with otp) are provided via single connect to activate this feature • define the vpn device according to the tacacs access manager configuration • enable otp on the user group (navigate to administration > 2fa provisioning > user group management ) only second authentication with otp is provided via single connect to activate this feature • define the vpn device and the device group realm with the related users in single connect (see https //app archbee com/docs/jsymind0w sxaymlkgomr/324coxov7einiuzghqbqk docid 8e2jbctfdgt6 kubeput and docid 701n9zb2bfie8gywuezry sections ) • define the element type property in the vpn device element type section navigate to device management > element type click the options button of the desired element type and select show properties set the radius auth only token enabled property value as true