dmorris. So Untangle's official opinion is that our network setup is not required to have 2FA (or the 2FA PCI requirement does not apply) and I can continue to access from any remote internet system via single factor HTTPS authentication to my UT server which has access and control over my internal network which processes Cardholder data processing? That makes it easy and can continue to manage this remotely. Thanks
Umm... I don't think that's what anyone said. We said, "Revert to defaults so that remote administration is turned off and install OpenVPN."
Five time Microsoft ASP.Net MVP managing a Lenovo RD330 / E5-2420 / 16GB with Untangle 16.5 to protect a 1Gbps fiber link for ~450 residential college students and associated staff and faculty
I am happy with the way we do it. We use captive portal. So first I have to VPN (we use openvpn) in, then input a user name/pw for captive portal, THEN https into UT.
Hope this helps.
FYI, on the captive portal, on the pass list I have the static IP of all devices that are not mobile devices. Like thin clients, servers, switches, printers, cameras.
Not this crap again.
In that case, access to a machine with one of the passed IPs would count for the second factor.
Five time Microsoft ASP.Net MVP managing a Lenovo RD330 / E5-2420 / 16GB with Untangle 16.5 to protect a 1Gbps fiber link for ~450 residential college students and associated staff and faculty
Posting Permissions
LinkBack URL
About LinkBacks
