How to configure personal devices to be required One-Time Password while accessing from Outside of the Corporate Network?

Question

Is it possible to request OTP when devices other than work PCs access from outside the company?

Answer

It can be achieved by configuring the [Conditions not requiring OTP] in the Access Policy Group.

※ "Work PC" refers to a PC that has a login history from an internal IP address.

Detailed Procedure

Editing the Access Policy Group in HENNGE Access Control is done through the left menu [User] - [Access Policy Group] in the HENNGE Access Control admin panel.

Note that it is necessary to switch to the Modern View beforehand.

Switch to Modern View

Setting to request OTP when accessed from outside the company

  1. Set [Conditions to Allow Access] in [Access Policy Group] to "Always Allow."

  2. Set [Conditions not requiring OTP] in [Access Policy Group] to "Allow OTP to be skipped when" and specify "Internal IP Address" in the condition expression.

By making these settings...

Devices accessing from an "Internal IP Address" will not be prompted for OTP, but OTP will be required when accessed from outside the company.

Setting an entrance pass for browsers with access history from internal

  1. Set [Domain Settings] - [Others] - [Entrance Pass (Cookie)] - [Conditions for Issuing Entrance Pass] to "Allow under the following conditions" and specify "Internal IP Address" as the issuance condition.

※ Setting to "Always Allow" will result in the issuance of an entrance pass upon successful login.
※ This is useful when different access permission conditions are set in multiple access policy groups.

  1. Set [Conditions to Allow Access] in [Access Policy Group] to "Always Allow."

  2. Enable [Conditions not requiring OTP] in [Access Policy Group] and set the permission condition to "Internal IP Address or conditions allowing access with an entrance pass" as follows.

By making these settings...

Browsers that have accessed from an internal IP address can log in with an entrance pass from outside the company, and OTP will not be required.

Note

Entrance passes are only valid for browser access. They cannot be used for desktop applications and mobile applications.

References

Editing Access Policy Groups (Modern View)

Additional Settings (Modern View)

          
Was this article helpful?