How to setup two factor authentication in SSL VPN tunnel by Email to SMS

Zyxel_Stanley
Zyxel_Stanley Posts: 1,377  Zyxel Employee
100 Answers 1000 Comments Friend Collector Seventh Anniversary
edited April 2021 in Security

The Email to SMS function can help to send the SMS to client. The SMS message is initialed from device to SMS provider, and then SMS provider send the SMS to client. This function can help to make sure user receives SMS if client without Internet connection.


1.   Setup Email to SMS function


A.      Subscribe Email to SMS account

Sign-up an account of Email to SMS service and purchase credit.

Check the Email-to-SMS provider available in your country and choose the right SMS gateway provider to meet your needs.

Example: ClickSend (https://www.clicksend.com/)

After Sing-in to ClickSend,  Go to setup allowed EAMIL address on Click.

Go to SMS > Email SMS. Click Manage Allowed Address button. Click “Add new Manage Allowed Address” to create an email address which will sent to ClickSend.


Go to Configuration > system > Notification > SMS Select “SMS Provider” as Email to SMS Provider

Enter SMS Provider Email server domain name.

And configuring sender mail address in “Mail From”


B.    Setup notification server

Go to CONFIGURATION > System > Notification > Mail Server Field your SMTP serve configuration.

a.    Mail server

b.    Mail server ports

c.    Mail From (Email address which allowed In ClickSend)

d.    SMTP Authentication


C.   Setup user account

Go to Configuration > Object > User/Group > User Click Add button to create an user.

And also entered phone number of this user.


2.   Setup SSL VPN rule

Go to Configuration > VPN > SSL VPN and click “Add” button to create a new SSL VPN rule.

Add user into the SSL VPN rule, and setup SSL VPN pool range into VPN tunnel.

3.   Enable Two-Factor Authentication in VPN Access

Go to Configuration > Object > Auth Method > Two-Factor Authentication > VPN Access

Enable the function. and add the user which you added in the rule.

Enable the SMS in Authorize Link Method.

Test the Result 

After client connected to SSL VPN tunnel, then client will receive the SMS.


Log Entries: 

SMS Authorize:

And then after clicked URL, it will redirect to Authorize page.

After click Authorize button, then user can access to Intranet without any problem.


Security Highlight