Safety1st Posted February 5 Posted February 5 (edited) Hi there! Yesterday I installed latest IPS from scratch and successfully enabled 2FA with Google Authenticator app for my account. Today I can't login from a new device, it's just endless circle 🙂 Edited February 5 by Safety1st
Marc Posted February 5 Posted February 5 When you say "Endless circle" what exactly is happening? Its not clear from a static screenshot what steps you are getting
Safety1st Posted February 5 Author Posted February 5 (edited) Endless request for a new code 🙂 I found out the circumstances for what happening: it happens when client uses private IP: Logged in from a new device but did not complete two-factor authentication: Edge 121.0.0.0 on Windows. 1 hour ago 10.1.140.205 It is used when a user connects from inside the hosting network (using VPN). From outside 2FA works well. Edited February 5 by Safety1st
Jim M Posted February 5 Posted February 5 Does the VPN not have access to Google or Google services? That may be the issue as the API is failing.
Safety1st Posted February 5 Author Posted February 5 VPN does not have access to Internet at all. If 2FA couldn't work due to such issue may be add an option in ACP settings to bypass 2FA if private IP is used?
Jim M Posted February 5 Posted February 5 1 hour ago, Safety1st said: VPN does not have access to Internet at all. If 2FA couldn't work due to such issue may be add an option in ACP settings to bypass 2FA if private IP is used? You're more than welcome to suggest this in our Feedback section but I personally find that to be a security loophole.
Safety1st Posted February 6 Author Posted February 6 For some reason 2FA works at least from time to time from private IPs 🙂 Yesterday my colleague successfully enabled 2FA after promoting to Administrator, today I was able to pass 2FA check…
Randy Calvert Posted February 6 Posted February 6 Then it sounds like something in your network routing might be impacting things. The IPB software obviously did not change. However it could be something like the order in which you connected to the VPN, or if the VPN uses split tunnel vs full tunnel, or if a default route is defined in an odd manner.
Safety1st Posted February 6 Author Posted February 6 The root cause is not determined, yeah 🙂 I use Cisco AnyConnect which captures only traffic to predefined networks. So I should have common access to Google services...
Safety1st Posted February 7 Author Posted February 7 I didn't test. Will do if I meet the problem again. Marc 1
Recommended Posts