OPNsense Forum
English Forums => General Discussion => Topic started by: sfty1 on November 12, 2021, 03:31:59 pm
-
Hi,
how is it possible to authenticate against a radius server that requires multifactor OTP or smartphone app approval?
I'm currently in a setup, where RSA multifactor is required, but the radius always rejects the authentication.
It seems that a special OTP feature within the radius protocol is required. In the worst case it would be also possible to choose another multifactor solution than RSA. But each time when I google for opnsense radius mfa I'm getting instructions how to enable MFA with the local user database on OPNsense. But I have to authenticate agains the active directory. The bad thing is, that die Radius server is not automatically asking the MFA application on the smartphone, but requiring the OTP somehow delivered via the protocol from OPNsense.
Any help is much appreciated.
Thanks a lot.