Safety1st Posted February 5 Share Posted February 5 (edited) Hi there! Yesterday I installed latest IPS from scratch and successfully enabled 2FA with Google Authenticator app for my account. Today I can't login from a new device, it's just endless circle 🙂 Edited February 5 by Safety1st Link to comment Share on other sites More sharing options...
Marc Stridgen Posted February 5 Share Posted February 5 When you say "Endless circle" what exactly is happening? Its not clear from a static screenshot what steps you are getting Link to comment Share on other sites More sharing options...
Safety1st Posted February 5 Author Share Posted February 5 (edited) Endless request for a new code 🙂  I found out the circumstances for what happening: it happens when client uses private IP: Logged in from a new device but did not complete two-factor authentication: Edge 121.0.0.0 on Windows. 1 hour ago 10.1.140.205 It is used when a user connects from inside the hosting network (using VPN). From outside 2FA works well. Edited February 5 by Safety1st Link to comment Share on other sites More sharing options...
Jim M Posted February 5 Share Posted February 5 Does the VPN not have access to Google or Google services? That may be the issue as the API is failing. Link to comment Share on other sites More sharing options...
Safety1st Posted February 5 Author Share Posted February 5 VPN does not have access to Internet at all. If 2FA couldn't work due to such issue may be add an option in ACP settings to bypass 2FA if private IP is used? Link to comment Share on other sites More sharing options...
Jim M Posted February 5 Share Posted February 5 1 hour ago, Safety1st said: VPN does not have access to Internet at all. If 2FA couldn't work due to such issue may be add an option in ACP settings to bypass 2FA if private IP is used? You're more than welcome to suggest this in our Feedback section but I personally find that to be a security loophole. Link to comment Share on other sites More sharing options...
Safety1st Posted February 6 Author Share Posted February 6 For some reason 2FA works at least from time to time from private IPs 🙂 Yesterday my colleague successfully enabled 2FA after promoting to Administrator, today I was able to pass 2FA check… Link to comment Share on other sites More sharing options...
Randy Calvert Posted February 6 Share Posted February 6 Then it sounds like something in your network routing might be impacting things. Â The IPB software obviously did not change. Â However it could be something like the order in which you connected to the VPN, or if the VPN uses split tunnel vs full tunnel, or if a default route is defined in an odd manner. Â Link to comment Share on other sites More sharing options...
Safety1st Posted February 6 Author Share Posted February 6 The root cause is not determined, yeah 🙂 I use Cisco AnyConnect which captures only traffic to predefined networks. So I should have common access to Google services... Link to comment Share on other sites More sharing options...
Marc Stridgen Posted February 7 Share Posted February 7 Have you checked with that switched off? Link to comment Share on other sites More sharing options...
Safety1st Posted February 7 Author Share Posted February 7 What switched off? Link to comment Share on other sites More sharing options...
Marc Stridgen Posted February 7 Share Posted February 7 You mentioned above you are using cisco connect Link to comment Share on other sites More sharing options...
Safety1st Posted February 7 Author Share Posted February 7 I didn't test. Will do if I meet the problem again. Marc Stridgen 1 Link to comment Share on other sites More sharing options...
Recommended Posts