Operation: Configure OTP
Description: Configure global OTP parameters. 

Sample Configuration
<OTPSettings> <otp /> <allUsers /> <otpUsers> <user /> </otpUsers> <tokenAutoCreation /> <otpUserPortal /> <otpSSLVPN /> <otpWebAdmin /> <otpIPsec /> <defaultTimeStep /> <maxTimeStepsInterval /> <maxInitialTimeStepDiff /> </OTPSettings>



Parameter Mandatory Default Description
OTPNo  
Switch OTP on or off.
OTP confines to:
  • Type is 'SCALAR'.
  • Datatype is 'INTEGER'.
  • Only '0', '1' are allowed.
OTP for all usersNo  
Require all users to provide One Time Passwords. Otherwise OTP has to be enabled for users or groups explicitly.
OTP for all users confines to:
  • Type is 'SCALAR'.
  • Datatype is 'INTEGER'.
  • Only '0', '1' are allowed.
OTP auto creationNo  
User specific OTP tokens may be generated automatically when a user is created. This feature can be switched on or off.
OTP auto creation confines to:
  • Type is 'SCALAR'.
  • Datatype is 'INTEGER'.
  • Only '0', '1' are allowed.
userportalNo  
Access to selected facilities may require One Time Passwords. Those facilities can be selected here.
userportal confines to:
  • Type is 'SCALAR'.
  • Datatype is 'INTEGER'.
  • Only '0', '1' are allowed.
sslvpnNo  
Access to selected facilities may require One Time Passwords. Those facilities can be selected here.
sslvpn confines to:
  • Type is 'SCALAR'.
  • Datatype is 'INTEGER'.
  • Only '0', '1' are allowed.
webadminNo  
Access to selected facilities may require One Time Passwords. Those facilities can be selected here.
webadmin confines to:
  • Type is 'SCALAR'.
  • Datatype is 'INTEGER'.
  • Only '0', '1' are allowed.
wafNo  
Access to selected facilities may require One Time Passwords. Those facilities can be selected here.
waf confines to:
  • Type is 'SCALAR'.
  • Datatype is 'INTEGER'.
  • Only '0', '1' are allowed.
ipsecNo  
Access to selected facilities may require One Time Passwords. Those facilities can be selected here.
ipsec confines to:
  • Type is 'SCALAR'.
  • Datatype is 'INTEGER'.
  • Only '0', '1' are allowed.
hotspotNo  
Access to selected facilities may require One Time Passwords. Those facilities can be selected here.
hotspot confines to:
  • Type is 'SCALAR'.
  • Datatype is 'INTEGER'.
  • Only '0', '1' are allowed.
default time stepNo  
The One Time Password can only be used once within a certain time interval. The length of that interval can be selected here.
default time step confines to:
  • Type is 'SCALAR'.
  • Datatype is 'INTEGER'.
  • Range 10 to 300 is allowed.
  • Maximum digits allowed are 3.
Max Time Steps IntervalNo  
Due to clock drift the matching One Time Passwords is looked for max time steps back and forward in time, respectively.
Max Time Steps Interval confines to:
  • Type is 'SCALAR'.
  • Datatype is 'INTEGER'.
  • Range 0 to 10 is allowed.
  • Maximum digits allowed are 2.
Initial Max Time Steps IntervalNo  
Due to missing clock synchronization, at the very first utilization of an OTP token the matching One Time Password is looked for max time steps back and forward in time, respectively.
Initial Max Time Steps Interval confines to:
  • Type is 'SCALAR'.
  • Datatype is 'INTEGER'.
  • Range 0 to 600 is allowed.
  • Maximum digits allowed are 3.



Operation   Status   Message
Configure OTP200
Configure OTP500


) Copyright 2017 Sophos Limited. All rights reserved.
Sophos is registered trademarks of Sophos Limited and Sophos Group. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.
No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.