Forum Discussion
NimbostratusGoogle Authenticator usage for an enterprise
We are planning to use Google Authenticator as a two factor authentication mechanism in our firm. Currently we are using RSA Secure ID.We are planning to migrate to Google Authenticator as this is an open source. My question to all of you is "How can i set this up and start using Google Autheticator"
4 Replies
jim_mcmurchie_1We just finished making that addition. There are multiple steps, from creating the virtual server to setting the iRule and work flow. A good starting point is https://devcentral.f5.com/articles/two-factor-authentication-with-google-authenticator-and-apm.U4zbh_mwJpU. The last hurdle I had to jump was in the workflow. Google authentication myst run a success path to an empty activity containing the branch rules for the conditions returned by the Authentication process. There is lots of help on line here. Everyone was very patient with me.
Bertrand_8797Hello all,
I'm implementing GA solution for 2FA using article. But I'm encountering an issue during my tests. I generated my private key using the iRules dedicated on. I've added the QR code in my application and it detects correctly the username. After that I've connected to web authentication page with AD credentials and I put on the token generated by the application. But each time, I redirect to an error page but I'm not able to analyse the reason of this issue. Is someone implement this 2FA ? How can I do to troubleshoot my issues ?
Thanks a lot.
Bertrand.
- jim_mcmurchie_1
My first question is where are you storing the QR code in AD to be tested against?
- Bertrand_8797
Hey Jim !
The QR code is used to work with an application like google authenticator. When you have generated the QR code it s generate to you a key. You have 2 options to store this key: 1- in datagroup list where the string is the username and the value is the key. 2- in attibute Active Directory
Bertrand.
