Microsoft Authetnicator Issue
I have a number of MFA authenticators, but when I implemented my Firewalla Gold Plus I noticed that push requests to my Pixel phone would hang when I responded to them. If I am on the cellular network, everything works as expected. But when I am on my home network, I get the push, I key in the two digit number and the MS Authenticator app just spins endlessly. The workaround is to tell the authentication request to use the six digit code from MS Authenticator. Is there some rule or other setting I can change to stop this behavior?
FYI I am a networking professional, so please do not give me all of the easy stuff like updating the software on all devices as they are current. I've used Wireshark to capture the packets involved and as near as I can tell the message back to MS Authenticator asking to approve the logon request either never gets to Microsoft or the ACK back never gets back to the mobile app. Which seems odd given the rest of the traffic works up to that point. So that leaves me with the Firewalla blocking something inbound.
-
I am also having this issue, Emergency Access doesn't work. I have to get off my Wi-Fi in order to accept the MFA prompts. The prompts come, but I cannot approve them it just hangs. I don't see anything in blocked flows. I also don't have ad block on, I'm using normal DNS, very strange.
-
If emergency access doesn't work, and you are not using any fancy blocking DNS, and not using VPN, then the problem is highly unlikely to be related to the Firewalla.
Do try to turn off ipv6 if you have it, or reboot your modem and see if it can get a new IP, both of these are related to your ISP, not firewalla.
-
I highly doubt it's my ISP, this only started since the installation of my Firewalla two weeks ago. not a coincidence. I have also have a static IP through ATT Fiber, and I have restarted ISP modem, and Firewalla in sequence with no success on the MFA issue. Thanks for the ipv6 suggestion, I will try that.
Please sign in to leave a comment.
Comments
6 comments