How to setup two factor authentication in SSL VPN tunnel by Email to SMS
The Email to SMS function can help to send the SMS to client. The SMS message is initialed from device to SMS provider, and then SMS provider send the SMS to client. This function can help to make sure user receives SMS if client without Internet connection.
1. Setup Email to SMS function
A. Subscribe Email to SMS account
Sign-up an account of Email to SMS service and purchase credit.
Check the Email-to-SMS provider available in your country and choose the right SMS gateway provider to meet your needs.
Example: ClickSend (https://www.clicksend.com/)
After Sing-in to ClickSend, Go to setup allowed EAMIL address on Click.
Go to SMS > Email SMS. Click Manage Allowed Address button. Click “Add new Manage Allowed Address” to create an email address which will sent to ClickSend.
Go to Configuration > system > Notification > SMS Select “SMS Provider” as Email to SMS Provider
Enter SMS Provider Email server domain name.
And configuring sender mail address in “Mail From”
B. Setup notification server
Go to CONFIGURATION > System > Notification > Mail Server Field your SMTP serve configuration.
a. Mail server
b. Mail server ports
c. Mail From (Email address which allowed In ClickSend)
d. SMTP Authentication
C. Setup user account
Go to Configuration > Object > User/Group > User Click Add button to create an user.
And also entered phone number of this user.
2. Setup SSL VPN rule
Go to Configuration > VPN > SSL VPN and click “Add” button to create a new SSL VPN rule.Add user into the SSL VPN rule, and setup SSL VPN pool range into VPN tunnel.
3. Enable Two-Factor Authentication in VPN Access
Go to Configuration > Object > Auth Method > Two-Factor Authentication > VPN Access
Enable the function. and add the user which you added in the rule.Enable the SMS in Authorize Link Method.
Test the Result
After client connected to SSL VPN tunnel, then client will receive the SMS.
And then after clicked URL, it will redirect to Authorize page.
After click Authorize button, then user can access to Intranet without any problem.