So we are looking to implement AS, and have it up and running. The main web interface is listening publically, and a 2nd web interface is private only, where the admin web page is served. We are also using Google Authenticator for 2FA.
The admin account needs to be accessed by multiple users, so Google Auth has been disabled on that account manually via sacli - however, it seems in this scenario, the admin account can still login via OpenVPN connect. Is there any way to change permissions so that the admin account can ONLY log into the admin web interface? There is no scenario where that account would ever connect externally, and we'd like to implement it that way to comply with security policy.
Sorry if this has been answered already elsewhere, my search fu has failed me if that's the case.
Thanks in advance!
Ask questions about your Access Server configuration here.
1 post • Page 1 of 1