Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Table of Contents
minLevel1
maxLevel6
minLevel1
include
outlinefalse
indentexclude
stylenone
excludeTable of Contents
typelist
class
printabletrueclass

🗒️ Introduction

Starting from June 25, 2024, Multi-Factor Authentication (MFA) will be available for the ITS Private Cloud VPN (VSS VPN). This added security measure is optional but strongly recommended to enhance the security between users and the ITS Private Cloud management interfaces.

...

This how-to explain how to enable MFA on the ITS Private Cloud VPN, and once enabled manage VPN connections with TOTP, and finally provides clarity about the session expiration and authentication.

\uD83D\uDCD8 Enable Enable MFA

The VSS VPN service web interface allows you to configure MFA for both OpenVPN and Wireguard tunnels. To enable MFA for these tunnels, follow these steps:

...

Info

Once MFA is enabled, you will need to provide a TOTP to establish a connection.

(tick) Managing VPN Connections with MFA

...

The command will prompt you to provide the TOTP generated. You can add --totp and provide the code to the same command to avoid prompting.

📅 Session Expiration and Re-authentication

...

Code Block
vss-cli vpn gw on

Filter by label (Content by label)
showLabelsfalse
max5
spacescom.atlassian.confluence.content.render.xhtml.model.resource.identifiers.SpaceResourceIdentifier@32c6ab3f
sortmodified
showSpacefalse
reversetrue
typepage
labelskb-how-to-article
cqllabel = "kb-how-to-article" and type = "page" and space = "VSSPublic"