Title of the Procedure: Setting up MFA for DrayTek VPN with Android 


Objective/Goal: To add an extra layer of security when accessing the VPN through the Multifactor Authentication 


Overview of Process: The DroidOTP app will be set up to generate an mOTP then create an SSL VPN profile on the router with mOTP authentication. After that the SSL VPN profile in the SmartVPN client needs to be created. Lastly, connecting and using a VPN with mOTP two-factor authentication. 

 

PROCEDURE 1Generating the mOTP secret using the DroidOTP app 

1. Download DroidOTP app on your mobile/tablet device. 

 

  1. 2. Once installation is done, open the application. A message indicating the application’s outdated status will prompt you to choose between Check for updates or OK 

  • If you choose the former, it will direct you to Google Play. It is going to show you that no updates are available for the application thus, bringing you back to the DroidOTP’s dashboard. 


 

  •               Selecting the latter will only close the pop-up message with no changes made. 

 

3. Click Add new profile. 

 

4. Use LA-VPN as its profile name. 

 

5. Select 4-digit PIN for the OTP type. 

 

  • Leave other options as they are unless you want to specify the experience. 

6. Click the Initialize Secret option. 

 

7. Select Enter secret key directly among the three options then, key in the characters as follows 1234567890987654. 

 

Note: Each time you open the DroidOTP app, it will ask for a 4-digit PIN. That is how you will get the password to enter the Smart VPN Client application which will be discussed in the second procedure. Please use combination 4321 for this step. 

  

 

Page Break 

PROCEDURE 2: Connecting and Using a VPN with mOTP Two-Factor Authentication 


1. Go back to your computer and open DrayTek Smart VPN Client app. Click Profiles on the left side then, edit the existing profile. 

 

2. Once you click Edit, make sure that the settings are like this: 

 

3. Go back to Connection, set the active profile to the one we edited then, click connect. 

 

4. Once you hit the Connect button, it will ask for a username and password. 

  • Username: Your first name 

  • To generate the password, follow these steps: 

  • Go back to the DroidOTP app on your phone then open the profile you created. 

  • Enter 4321 on the pin, hit New OTP after. It will then display the six-hex digit (0-9 & a-f, all lower case) one-time password. 

 

Note: The circle acts as a timer - once the timer completes, the one-time password will no longer be valid, and a new password will need to be generated with the correct PIN code. 

5. Use the generated OTP as your password on the DrayTek Smart VPN Client application. Click OK. 

 

Note: This password will also be stored but will be invalid after the VPN tunnel has connected, so it will be re-entered every time the VPN is connected. 

6. The Smart VPN Client will start to connect, displaying connection status here: 

 

7. Once the VPN successfully connects, the Smart VPN Client will minimise into the Windows System Tray and display a connection status notification in Windows:  

 

8. Double-click the green system tray icon to display the Smart VPN Client. Alternatively, right click the Smart VPN Client system tray icon for quick access to connect/disconnect & statistics options: 

 

9. Expanding the Smart VPN will show the connection status, clicking the Disconnect button will drop the VPN tunnel: