The enrolment process will need to be completed at the time of 2FA is enabled for your account. For new accounts, this will be enabled immediately. For accounts enabled retroactively, access to the network will cease to operate until the enrolment process has been completed.
Note: this process only needs to be completed once
When 2FA is enabled for your account, the Airwall client will prompt for authentication.
The control panel will also state ‘Needs user authentication!’
If this message appears, authentication will be required. Please stop the service if you do not wish to authenticate, as the login prompt will continue to appear until the client is instructed not to connect.
Email Verification
As the user’s email is the authentication identifier, it is crucial the email is correct. The following process will ensure the database contains the correct contact email for the user. If the email address is not found, please contact support.
- Select “Use ‘2 Factor Authentication’ (in a new web-browser)”
- This will automatically open your default web browser and redirect you to the sign in page. Select “forgot password”:
- After entering your email and pressing ‘continue’ you should receive an email requesting your email be verified. Follow the link to complete this step
If this does not arrive within 30 minutes, please contact the Syntric helpdesk
Password Reset
Once the user email address has been verified, the next step is to set the account password. An email should have automatically been sent after completing the verification process. If this email is not received, please repeat steps 1 and 2 from the verification process.
To complete the password reset, simply follow the link in the received email:
One-Time Password Enrolment
As the name implies, One-Time Passwords (OTP) are passwords which can only be used once. In addition, these passwords will update at a set time interval. Syntric recommends Google Authenticator which can be downloaded from the mobile device’s respective app store (i.e. Google Play or Apple App Store).
When searching your devices respective app store, you are looking for the following App:
After the application has been installed, please log in with your newly created password. You will need to initiate the process by pressing the ‘’Use 2 Factor Authentication” button again:
You will be taken to a page presenting a QR code:
On your mobile device, and within the Google authenticator application, press the ‘+’ symbol (1) usually located in either the top or bottom right corner, then ‘Scan barcode’ (2).
This will open the camera with a square overlay. Position the square over the code displayed onscreen and the application should automatically return to the previous screen with a set of numbers. Enter this code in the prompt in your web-browser:
Authorise Device
The final step in the process is to link your device to your account. After pressing ‘continue’ in the previous step, you should be redirected to the following prompt:
Once complete, the following will be displayed:
The Airwall will now be active and build connectivity into the environment.
Ongoing Authentication
Once authenticated, the session will remain active for a predetermined amount of time. This is configured per the client policy. If you wish to understand what this value has been set for the tenant you are connecting to, please contact Syntric.
When a new session is started, or an existing one has expired, the Airwall client will prompt the user to reauthenticate. The Control panel will also state the requirement for user authentication:
Simply press the “Use ‘2 Factor Authentication’ (in a new web-browser)” to continue. As indicated by the button, a web-browser will open and redirect you to the login page, where the user will be asked to enter their email, password and then one-time code code from Google Authenticator:
The ‘one-time code’ can be obtained from the authenticator app configured within the enrolment process:
Security warning: never share this code with anyone including Syntric staff
After entering the code, the user is redirected back to the Airwall network to confirm the connection:
The Airwall client will now be active and automatically build connectivity back into the environment