Cannot send mail to two-factor authentication for SSL VPN

MassimilianoDelta
MassimilianoDelta Posts: 18  Freshman Member
First Comment Third Anniversary

Hi, I would like to use two-factor authentication for SSL VPN access but from the logs I see this error and I can't understand what I should do.

image.png

Thanks Max

All Replies

  • PeterUK
    PeterUK Posts: 3,782  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    Have you set Mail server in config > system > notification ?

  • Zyxel_James
    Zyxel_James Posts: 749  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate 100 Answers

    It seems the firewall cannot send out the auth email
    Please check CONFIGURATION > System > Notification > Mail Server. Did you input IP address or FQDN for the mail server? I suspect it's FQDN, and the firewall cannot resolve it. You can test it by Maintenance > Network Tool > Nslookup, and check if the firewall can resolve the FQDN.
    Moreover, is the account local or external?

  • Zyxel_USG_User
    Zyxel_USG_User Posts: 67  Ally Member
    First Comment Friend Collector

    Just to clarify for what it seems you want to do, to me.

    Configuring the outgoing 2FA mail is one thing, the second- I very much assume you cannot use this on the same device because the 2FA is needed to create the tunnel but in that moment your device will not be able to receive any mail.

    My experiences are below.

    Scenario A works: 2FA mail is sent to device1, the VPN is initiated on device2.

    Scenario B does not work: 2FA mail is sent to device1, the VPN is initiated on device1.

    I am happy if somebody can chime in and tell how to make also scenario B work…