Title of the Procedure: Setting up MFA for VPN with Android
Objective/Goal: To add an extra layer of security when accessing the VPN through the Multifactor Authentication
Overview of Process: The app will be set up to generate an then create an SSL VPN profile on the router with authentication. After that the SSL VPN profile in the client needs to be created. Lastly, connecting and using a VPN with two-factor authentication.
PROCEDURE 1: Generating the secret using the app
1. Download app on your mobile/tablet device.
2. Once installation is done, open the application. A message indicating the application’s outdated status will prompt you to choose between Check for updates or OK.
If you choose the former, it will direct you to Google Play. It is going to show you that no updates are available for the bringing you back to the dashboard.
Selecting the latter will only close the pop-up message with no changes made.
3. Click Add new profile.
4. Use LA-VPN as its profile name.
5. Select 4-digit PIN for the OTP type.
Leave other options as they are unless you want to specify the experience.
6. Click the Initialize Secret option.
7. Select Enter secret key directly among the three options then, key in the characters as follows 1234567890987654.
Note: Each time you open the app, it will ask for a 4-digit PIN. That is how you will get the password to enter the Smart VPN Client application which will be discussed in the second procedure. Please use combination 4321 for this step.
PROCEDURE 2: Connecting and Using a VPN with Two-Factor Authentication
1. Go back to your computer and open Smart VPN Client app. Click Profiles on the left side then, edit the existing profile.
2. Once you click Edit, make sure that the settings are like this:
3. Go back to Connection, set the active profile to the one we edited then, click connect.
4. Once you hit the Connect button, it will ask for a username and password.
Username: Your first name
To generate the password, follow these steps:
Go back to the app on your phone then open the profile you created.
Enter 4321 on the pin, hit New OTP after. It will then display the six-hex digit (0-9 & a-f, all lower case) one-time password.
Note: The circle acts as a timer - once the timer completes, the one-time password will no longer be valid, and a new password will need to be generated with the correct PIN code.
5. Use the generated OTP as your password on the Smart VPN Client application. Click OK.
Note: This password will also be stored but will be invalid after the VPN tunnel has connected, so it will be re-entered every time the VPN is connected.
6. The Smart VPN Client will start to connect, displaying connection status here:
7. Once the VPN successfully connects, the Smart VPN Client will into the Windows System Tray and display a connection status notification in Windows:
8. Double-click the green system tray icon to display the Smart VPN Client. Alternatively, right click the Smart VPN Client system tray icon for quick access to connect/disconnect & statistics options:
9. Expanding the Smart VPN will show the connection status, clicking the Disconnect button will drop the VPN tunnel: