Getting Started with MFA for VPN
To enhance the security of our Virtual Private Network (VPN), the Alamo Colleges District will require Multi-Factor Authentication (MFA) with a One Time Password (OTP) generated from a mobile device application. This will be used in conjunction with your active directory username and password.
Readiness Checklist
- Submit Footprints requesting access
- Request installation or upgrade of the FortiClient
- Download and install the FortiToken Mobile application on your mobile device
- Scan and fix vulnerabilities using FortiClient
Getting Started
Select each header link below to expand the section for detailed steps.
Submit a Footprints request using the "MFA VPN Access Request" template for access.
You will need to request the installation (or update to version 6.4.6 or higher) of FortiClient on your device(s) by submitting a Footprints ticket or contacting your local IT Help Desk.
1. Install the FortiToken Mobile application
The FortiToken Mobile application is available on three mobile platforms: iOS, Android, and Windows.
- Visit the iTunes app store to download the free FortiToken Mobile IOS application.
- Visit the Google Play store to download the free FortiToken Mobile Android application.
- Visit the Microsoft store to download the free FortiToken Mobile Windows application.
2. Register the FortiToken Mobile application
In order to use the FortiToken Mobile app on your mobile device, you will need to activate a token that will be sent to your Alamo email by the system administrator. Once activated, you can immediately generate OTPs on your device.
FortiToken Activation Email Message
After your system administrator assigns your token, you will receive a email notification from [email protected] with a QR code attachment and an activation expiration date and time by which you must activate your token.
2.1. Notice: The emailed token will expire within 4 hours of being sent to you.
The activation email will look similar to this:
Before you begin, make sure your devices are set to the correct time and that you have Internet access.
Activate Your Token
You can activate your token on the FortiToken Mobile IOS, Android, and Windows application once you receive an Activation Code via email.
This process is easiest performed with both your Alamo mailbox and FortiToken Mobile application open.
Scan Barcode
On your device, open the email QR code attachment that was sent from [email protected].
If your mobile device supports QR code recognition, you can simply press Scan Barcode from the Fortitoken Mobile home screen and point your device's camera at the opened QR code attachment.
Successful registration will allow the token to appear in FortiToken Mobile.
The vulnerability scan within FortiClient should be used to help identify and assist you with correcting issues with your device before connecting to the Alamo Colleges network through VPN.
Open FortiClient on your device and select Vulnerability Scan [1] from the menu on the left. From there you can select Scan Now [2] to scan for vulnerabilities and updates that need to be installed. Once the scan has completed, you can view the vulnerabilities that were detected. To correct these, select Fix Now [3].
If you do not have the ability to patch, update, or correct the detected vulnerabilities--or if you are unsure whether to proceed--please contact your local IT Help Desk before using VPN.
Connect to AlamoVPN-MFA
- Open FortiClient on your device and select Remote Access from the menu on the left.
- In the "VPN Name" field, select AlamoVPN-MFA from the drop down menu.
- Enter in your domain\username and computer password, then click the Connect button.
- Your domain is associated with your location of work. There are 6 domains across the Alamo Colleges District. district, nlc, nvc, pac01, spc, sac
- Your username is the first part of your email prior to the @alamo.edu.
4. From your mobile device, open FortiToken Mobile app and complete one of the following options:
- Press Approve on the login request message on your mobile device to bypass typing in the OTP. This will automatically connect your device to AlamoVPN-MFA. (Skip Step 5 if you select this option.)
OR
- Touch the eye icon to show the token (OTP) and proceed to Step 5.
A new token (OTP) will be issued when the timer has finished, so be sure to give yourself enough time type the token into FortiClient before it expires.
- Back on your device, type the token (OTP) into the "Token" field [1] and click the OK button [2].
Getting Assistance with Alamo MFA for VPN
For assistance with expired tokens, please see this guide.
0 Comments
Add your comment