I was curious what TE members are doing for remote access VPN: split or full tunnel? Also, wondering how many are also using MFA for VPN.
I'm currently using GlobalProtect (Palo Alto), with a full tunnel and MFA using user certs. I have a requirement that we must use "Always On", so the VPN connects automatically on external networks. It detects when it is internal.
The main reason for the question is that a few have requested that we switch to OTP instead of certs, but this gets a little tricky. If the user fails to enter the proper OTP, the VPN connection will fail and their internet traffic will go through their internet connection instead of being sent to our firewall.