set vpn remote-access two-factor-authentication

In the R81.10.X releases, this command is available starting from the R81.10.05 version.

Description

Configure two-factor authentication for VPN Remote Access.

See show vpn remote-access two-factor-authentication.

Syntax

set vpn remote-access two-factor-authentication

      [ use-sms {true | false} [ sms-provider {check-point | external} ] [ sms-dynamicid-url <sms-dynamicid-url> ] [ sms-provider-username <sms-provider-username> ] [ sms-provider-password <sms-provider-password> ] [ sms-api-id <sms-api-id> ] [ sms-message "<sms-message>" ]

      [ use-email {true | false} ] [ email-provider {check-point | external} ] [ email-dynamicid-path <email-dynamicid-path> ] [ email-api-id <email-api-id> ] [ email-message "<email-message>" ] [ one-time-password-length <one-time-password-length> ] [ one-time-password-expiration <one-time-password-expiration> ] [ one-time-password-retries <one-time-password-retries> ] [ default-country-code <default-country-code> ]

Parameters

Parameter

Description

default-country-code

The default country code for phone numbers that do not include a country code.

Type: A number with no fractional part (integer).

email-api-id

The API ID required by the email provider.

A string of alphanumeric characters without space between them:

  • a-z (lower-case letters)

  • A-Z (upper-case letters)

  • 0-9 (digits)

email-dynamicid-path

The DynamicID path when sending email messages using a user defined email provider.

email-message

The email message that will be sent to the user.

email-provider-password

The password required by the email provider.

email-provider-username

The username required by the email provider.

email-provider

Indicates which provider will send the email messages.

one-time-password-expiration

The time users have to enter the one time password before it expires (in minutes).

one-time-password-length

Number of characters used in the one time password.

Type: A number with no fractional part (integer).

one-time-password-retries

The number of times users can attempt to enter the one time password before the entire authentication process restarts.

sms-api-id

The API ID required by the SMS provider.

A string of alphanumeric characters without space between them:

  • a-z (lower-case letters)

  • A-Z (upper-case letters)

  • 0-9 (digits)

sms-dynamicid-url

The DynamicID URL when sending SMS message using a user defined SMS provider.

sms-message

The SMS message that will be sent to the user.

sms-provider

Indicates which provider will send the SMS messages.

sms-provider-password

The password required by the SMS provider.

sms-provider-username

The username required by the SMS provider

A string that contains up to 64 characters without spaces, of this set:

  • a-z (lower-case letters)

  • A-Z (upper-case letters)

  • 0-9 (digits)

  • '.' (period)

  • '-' (minus)

  • '@' (at)

use-email

Indicates whether sending email messages is enabled (true) or disabled (false).

use-sms

Indicates whether sending SMS messages is enabled (true) or disabled (false).

Example Command

set vpn remote-access two-factor-authentication use-sms true sms-provider check-point sms-dynamicid-url urlDynamicId sms-provider-username admin sms-provider-password extendedPassword sms-api-id 123SmsAPI456 sms-message "Hello" use-email true email-provider check-point email-dynamicid-path emailDynamicId email-api-id 123EmailAPI456 email-message "Hello" one-time-password-length 8 one-time-password-expiration 5 one-time-password-retries 3 default-country-code 8