ProxySG & Advanced Secure Gateway

Hi All,

 

I have followed the steps to achieve Two factors Auth.from below Article I found on google.

https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/24000/PD24128/en_US/StepbyStepGuidesforBluecoatProxySG.pdf

all steps are done when I try to log in to user receive OTP but not able to see the second page of OTP. 

Hi Jahangir,

Kindly test the below Scenario and let me know the status

1. When you are login use the <password> and <otp> at the same time and login.
2. Disable the Two factor Authentication option in RADIUS realm and try to Login, if you are able login then I have to test the above scenario.

As per my observation when there is some configuration missing or when Proxy will not able to verify your credential it will not give you any prompt.

 

---

WR

Raunak Tiwari

 

Dear Jahangir, ProxySG is not capable of performing a Two-Factor authentication own its own. You need to rely on a Radius realm which can then do the validation based on the input given. You can see this in our article https://www.symantec.com/docs/TECH241239

Hi Raunak,

as you suggested i have tested the same still issue persist i am attaching the promt which am getting.

 

Regards,

Jahangir Shaikh

Dear Aboonaim,

 

I have followed the admin guide and done the steps.

when I test the user configuration test failed.

 

attached is the screen shot

 

Regards,

Jahangir Shaikh

Dear Jahangir, Can you share sysinfo and event log after re producing the issue

HI Jahangir,

 

             Two-factor is not supported for management console access. " SecurID can only be used for user authentication through the proxy, and not authentication to the proxy " .

Hi Arvind,

I found one article on the internet according to that it can be achieved Two-factor proxy.

https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/24000/PD24128/en_US/StepbyStepGuidesforBluecoatProxySG.pdf

 

Regards,

Jahangir Shaikh

 

Hi Jahangir,

 

    When I read through the article, it is mentioning about form-based authentication for user access. I don’t see it to be mentioning about using it for management console access. Did you find it explicitly mentioning the control of Mgmt console ?

 

Hi Arvind,

 

Thanks for the information really appreciate that.

Dear Jahangir, What Aravind is said correct It is not supported by the proxy because it there is no additional field for you to enter additional credentials. However it might be possible if your radius is able to send a token request to an external device.