Enroll for Two-Factor Authentication from a DMZ-Connected Client
This section only applies to User Accounts that are configured for two-factor authentication
The enrollment process for 2FA (two-factor authentication) differs slightly if you attempt that enrollment on a ViewX client that is connected to a DMZ server. The enrollment process requires synchronizations with the Main server.
When you attempt to enroll for 2FA with a DMZ-connected client, the DMZ server transmits the information to the Main server in batched requests. As such, your first attempt to log on to a client that is connected to a DMZ server will be unsuccessful and an event will be logged. The unsuccessful logon attempt initiates the TOTP 2FA enrollment in the Main server. You will then be able to proceed with a TOTP 2FA enrollment from that DMZ-connected client. You should then attempt a subsequent logon, for which you will be prompted to follow the normal enrollment process (see Enroll for Two-Factor Authentication). You should aim to start the subsequent logon attempt before the enrollment period expires. Provided that you enter valid logon credentials, including a valid one-time password, this second enrollment attempt should be successful.
If the latter enrollment request to the Main server fails, subsequent logon attempts will require a new enrollment. If this happens, contact a system administrator for assistance.