-
Products
-
SonicPlatform
SonicPlatform is the cybersecurity platform purpose-built for MSPs, making managing complex security environments among multiple tenants easy and streamlined.
Discover More
-
-
Solutions
-
Federal
Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn MoreFederalProtect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn More - Industries
- Use Cases
-
-
Partners
-
Partner Portal
Access to deal registration, MDF, sales and marketing tools, training and more
Learn MorePartner PortalAccess to deal registration, MDF, sales and marketing tools, training and more
Learn More - SonicWall Partners
- Partner Resources
-
-
Support
-
Support Portal
Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn MoreSupport PortalFind answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn More - Support
- Resources
- Capture Labs
-
- Company
- Contact Us
Configuring One-Time password
03/26/2020 
181 People found this article helpful
491,897 Views
Description
The SSL VPN administrator can enable the One Time Password feature on a per-user or per-domain basis.
Resolution
Mail Server settings in the Log | Settings page:
In order to use the SSL VPN One Time Password feature, the administrator must configure valid mail server settings in the Log | Settings page of the SSL VPN management interface. The administrator can configure the One Time Password feature on a per-user or per-domain basis, and can configure timeout policies for users.
If the email addresses to which you want to deliver your SSL VPN One Time Passwords are in an external domain (such as SMS addresses or external webmail addresses), you will need to configure your SMTP server to allow relaying from the SSL-VPN to the external domain.
Enabling One Time Password feature on a per-user basis:
The administrator must edit the user settings in the SSL VPN management interface. The administrator must also enter an external email address for each user who is enabled for One Time Passwords.
Enabling One Time Password feature on a per-domain basis:
For users of Active Directory and LDAP, the administrator can enable the One Time Password feature on a per-domain basis.
Note: Enabling the One Time Password feature on a per-domain basis overrides individual "enabled" or "disabled" One Time Password settings. Enabling the One Time Password feature for domains does not override manually entered email addresses, which take precedence over those auto-configured by a domain policy and over AD/LDAP settings.
How to Test:
To use the One-Time Password feature, perform the following steps:
Step 1: If you are not logged into the SSL VPN Virtual Office user interface, open a Web browser and type the Virtual Office interface URL in the Location or Address bar and press Enter. Type in your standard User Name field and your password in the Password field, then select the appropriate domain from the Domain pull-down. Click Login.
Step 2 The prompt "A temporary password has been sent to user@email.com" will appear, displaying your pre-configured email account.
Step 3 Login to your email account to retrieve the one-time password.
Step 4 Type or paste the one-time password into the Password: field where prompted and click Login.
Step 5 You will be logged in to the Virtual Office.
Note One-time passwords are immediately deleted after a successful login, and cannot be used again. Unused one-time passwords will expire according to each user's timeout policy.
Configuring One-Time Passwords for SMS-Capable Phones
SonicWall SSL VPN One-Time Passwords can be configured to be sent via email directly to SMS-capable phones. Contact your cell phone service provider for further information about enabling SMS. Below is a list of SMS email formats for selected major carriers, where 4085551212 represents a 10-digit telephone number and area code.
Note These SMS email formats are for reference only. These email formats are subject to change and may vary. You may need additional service or information from your provider before using SMS. Contact the SMS provider directly to verify these formats and for further information on SMS services, options, and capabilities.
Verizon: 4085551212@vtext.comSprint: 4085551212@messaging.sprintpcs.comAT&T: 4085551212@mobile.att.netCingular: 4085551212@mobile.mycingular.comT-Mobile: 4085551212@tmomail.netNextel: 4085551212@messaging.nextel.comVirgin Mobile: 4085551212@vmobl.comQwest: 4085551212@qwestmp.com
Verifying User One-Time Password Configuration
If you are successfully logged in to Virtual Office, you have correctly used the One-Time Password feature.
If you cannot login using the One-Time Password feature, verify the following:
Are you able to login to the Virtual Office without being prompted to check your email for a one-time password? You have not been enabled to use the One-Time Password feature. Contact your SSL VPN administrator.
Is your email address correct? If your email address has been entered incorrectly, contact your SSL VPN administrator to correct it.
Is there no email with a one-time password? Wait a few minutes and refresh your email inbox. Check your spam filter. If there is no email after several minutes, try to login again to generate a new one-time password.
Have you accurately typed the one-time password in the correct field? Re-type or copy and paste the one-time password.
Troubleshooting Common Errors
Symptom I see an error message indicating that an email configuration is invalid, and I have verified that the One-Time Password feature is configured correctly.
Possible Cause The SonicWall SSL VPN One-Time Password feature does not support email servers that require passwords or other authentication. Your email server must allow anonymous access to allow the One-Time Password feature to successfully send a one-time password.
Related Articles
- How to Set Timeout for Inactive Tunnel Connections
- Commands for silent installation of NetExtender via CMD line
- Users on Netextender 10.3.0 version failing to connect with the following error message " Cannot get a response from the server "
YES
NO