This article describes how to protect the Hybrid Access Gateway administrator's web interface with two-factor authentication (2FA).

Prerequisites

Expand

title	Prerequisites

A user group with access to the web resource (the Hybrid Access Gateway administrator's web interface) must exist. For information how to create a user group, see Create user group.
The administrators that shall have access to the HAG web interface have been added to the user group. For information how to add a user to a user group, see Add user to user group.

Step by step instruction

Expand

title	Create 2FA access rule

Go to Manage Resource Access.
Click Access Rules > Add Access Rule...
Enter a display name and click Add Rule...
Panel
title Example: Display Name
myAdministratorsAccessRule
Select type of access rule. In this case, select Authentication method and click Next.
Select and add the authentication methods that shall be used for 2FA.
Note
The selected access rules are used for authorization in the order they are selected.
Specify that the authentication methods shall be combined with a logical AND and click Next.
Confirm the access rule creation. Click Next.
Click Next again and then click Finish.

Expand

title	Add standard web resource for Hybrid Access Gateway Admin web resource

Panel

title	Example: Values for standard web resource

Display Name: HAG Admin

Description: Administrator's interface for Hybrid Access Gateway

Host: 10.75.112.20

HTTP port: 80