Offsite means that a computer is not connected to the corporate network, but is connected to the Internet. If you make your DualShield Computer Logon Agent accessible from the Internet, then your users will be able to log in to their computers with MFA anywhere at any time, as long as the computer has an Internet connection. That is why Offsite Windows Logon with MFA is also called Logon Anywhere with MFA.
To set up Offsite MFA logon, you need to complete the following steps
Table of Contents
Set Agent Public URL
In the DualShield Admin Console, find the Windows Logon Agent in Authentication | Agents
Click its context menu
Select "Edit"
Enter the Agent's Public URL in the format "https://fqdn:14294/xmlrpc", e.g. https://mfa.fakestop.com:14294/xmlrpc
Click Save.
Important: if you have multiple Windows Logon Agents, then repeat the steps above on every Windows Logon Agent.
Publish Agent Public URL
The Windows Logon Agent works on HTTPS port 14294. You need to configure your corporate firewall so that port 14294is accessible from the Internet, and that the traffic from the Internet coming to this port is forwarded to the server machine where the Windows Logon Agent is running.