Using 2 Factor Authentication with VPN - OSX
Note: Duo Two-Factor Authentication is only compatible with the Cisco AnyConnect Secure Mobility Client. It is not compatible with the Cisco IPSec client that is included with OS X.
If you are set up for Duo Two-Factor Authentication, here is how to use it with the AnyConnect Secure Mobility Client for OS X:
- Launch the Cisco AnyConnect Application.
- Once the AnyConnect pop-up box is displayed, click on the "Connect" button. The software should then begin the authentication process.
- Next, the credential pop-up will appear. In the "Group:" drop-down menu, click on the arrows to the right and select the "gatech-2fa-Duo".
- You will then notice that a "Second Password:" text entry appears. Enter your GT Username and GT password. In the "Second Password:" text entry, please enter one of the following (without the quotes), then click the "OK" button:
- The code generated by the Duo Mobile app. This is the code that you get by hitting the "key" on the upper right side of the app.
"phone", "phone2", "phone3"....... "phoneN".
Note: There is no "phone1" since "phone" and "phone1" both reference the first phone number you entered into the system. The phone number list is directly related to the order in which you setup your various phones in the Duo system. "phone" will call your 1st phone (likely your cell) and "phone2" will call your office or which ever secondary phone number you entered at the time your Duo Account was configured etc.
- If you take too long to respond with your secondary athentication method, the system will tme out with an error.
- In this example we entered "push". On your secondary device you will have the following screen, once we initiate the Duo Mobile app on our device and click the "Duo Push" icon in the lower left hand side. Click the "Approve" button to authenticate.
- The VPN client will now authenticate based on the second factor and initiate a connection. Click the "Accept" button.
- That's it, you are connected using 2 Factor Authentication! To verify connectivity, the AnyConnect VPN icon, on OSX menu bar, will show an orange lock.