Proxy will expose user MFA endpoints from core by connecting with GRPC to defguard.
Defuard client before connect will need to go through MFA exactly the same as after doing login on the web.
After successful MFA on client - the client receives a unique PSK KEY for this device, the gateway receives action of adding a new PEER with this PSK key.
In VPN Settings we need a checkbox Require MFA to connect to this Location (enabled by default).
Add rate limit - 5/min && (if possible) after that 1min brake.
In VPN Settings we need a checkbox Require MFA to connect to this Location (enabled by default).
Add rate limit - 5/min && (if possible) after that 1min brake.