We are working on giving more control over authentication within Point-to-Site connectivity to Azure.
An error occurred while saving the commentJose Sa commented
Currently our Azure P2S VPN users need to use MFA only once to connect. After authenticating for the first time with MFA, they can connect to the VPN using only their userid and password, no need to use the second factor anymore. I think this implementation does not provide independence between authentication factors, as a single set of credentials (Windows userid and password) provides access to the VPN (see scenario 2 on https://www.pcisecuritystandards.org/pdfs/Multi-Factor-Authentication-Guidance-v1.pdf).
59 votesJose Sa shared this idea ·