Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
16.7 Legacy Series
»
2FA token not working for OpenVPN dialin
« previous
next »
Print
Pages: [
1
]
Author
Topic: 2FA token not working for OpenVPN dialin (Read 5709 times)
woo
Newbie
Posts: 28
Karma: 3
2FA token not working for OpenVPN dialin
«
on:
August 03, 2016, 02:25:37 pm »
Hi,
I just did my first OpenVPN test runs on 16.7 (after having worked around my earlier reported issue with the client export), and I noticed that VPN dialin does not seem to use 2FA tokens even though I have configured one for the users. I can just connect with username and password. When I try to append the 2FA token string after or before the password, as is customary for that method, the authentication fails.
Is this not supposed to work like that, or is there something broken? If it's the latter, how could I go about finding and fixing the cause?
Regards
~woo
Logged
woo
Newbie
Posts: 28
Karma: 3
Re: 2FA token not working for OpenVPN dialin
«
Reply #1 on:
August 03, 2016, 02:29:05 pm »
nevermind.. I had the wrong authentication backend in my OpenVPN server config.. apparently forgot to save the changes.
Logged
woo
Newbie
Posts: 28
Karma: 3
Re: 2FA token not working for OpenVPN dialin
«
Reply #2 on:
August 03, 2016, 02:34:25 pm »
Just an opinion to the 2FA concept:
Having the token number
before
the password puts the user into a certain time constraint, having to enter more or less complex passwords within the 30 seconds refresh time. That's why many (most?) other 2FA concepts either have a separate field for the token (won't be possible with the current OpenVPN client), or ask for the token
after
the password.
Perhaps use this an an improvement suggestion for future releases...
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
16.7 Legacy Series
»
2FA token not working for OpenVPN dialin