OPNsense Forum

Archive => 19.7 Legacy Series => Topic started by: gdur on September 09, 2019, 04:52:24 pm

Title: OpenVPN
Post by: gdur on September 09, 2019, 04:52:24 pm

https://docs.opnsense.org/manual/how-tos/sslvpn_client.html (https://docs.opnsense.org/manual/how-tos/sslvpn_client.html) only provides a guideline how to setup a 2FA. Is there anywhere a proper guideline to setup 1FA?

Title: Re: OpenVPN
Post by: casper1980 on September 09, 2019, 05:03:34 pm

gdur,

It's pretty simple  - when setting up the OpenVPN server you can still follow these instructions but when you get to "Setting up the TOTP Server" do not set up a TOTP but instead, under VPN->Openvpn->servers, select the "Local Database" as the "Backend for authentication".

When adding the user, do not bother with TOTP seed and you can then use the username/password only to authenticate. 

That said, the TOTP setup is really easy and much more secure - I would seriously consider it.

Title: Re: OpenVPN
Post by: gdur on September 09, 2019, 05:23:25 pm

Hi casper1980, thanks for your speedy response! I figured that one and I have it up and running but ran into a strange behaviour which isn't secure at all. See my other post, https://forum.opnsense.org/index.php?topic=14152.0 (https://forum.opnsense.org/index.php?topic=14152.0)