
Setting up MFA for VPN (Authenticator App)


Please note

It is not possible to use the e-mail token for authentication in the VPN.

This guide describes how to set up a second factor for multi-factor authentication using an authenticator app and how to use it to log in to the VPN.

Please watch our tutorial on setting up a token for VPN.

Alternatively, you can use the following tokens for multi-factor authentication in the VPN:

Setting up a Token

To configure this type of token, please choose "Authenticator app e.g. for smartphone (TOTP)" in the Token Manager in IdM Selfservice.

Step 1 (optional): Add a description (e.g. the name of your app) and select a security code length and hash algorithm under "Advanced Options".

Step 2: Click "Create".

Step 3: Add a new service or a new account in your authenticator app and scan the QR code with your device or enter the TOTP key into the app.

Step 4: Next, enter a one-time password (OTP) shown in the app into the field "Verify TOTP" and click "Finish" to complete the procedure.

The steps in the app are as follows (the free 2FAS app is used as an example of a TOTP app):

  1. Open the app and click on "pair new device".
  2. Scan the QR-code from the Token Manager with the app.
  3. Enter the one-time-password (OTP) from the app into the field in your browser and click "Finish".

You can now use the app as an "Authenticator App e.g. for Smartphone (TOTP)". A new one-time password (OTP) is generated every 30 seconds.

Important: Ensure that no unauthorized third parties are able to access the app.

 

Connecting to the VPN

Start AnyConnect and enter your VPN server (e.g. vpn.rwth-aachen.de). Establish the connection by selecting "Connect".

VPN settings

Choose the group "RWTH-VPN" (Full Tunnel) or "RWTH-VPN" (Split Tunnel) and enter your username in the format ab123456. Enter your VPN password as the password. The VPN password can be changed in the IdM Selfservice. Select "OK" to continue.

VPN login

Please enter a one-time password. If you have not set a token yet, you can use a current date until March 19th.

Option for entering a one time password

The connection should now have been established successfully. You can stop your connection at any time by selecting "Disconnect".

last changed on 04/26/2024

This work is licensed under a Creative Commons Attribution - Share Alike 3.0 Germany License