Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Virtual private networks
»
Wireguard: 2FA Login Suggestion Poject
« previous
next »
Print
Pages: [
1
]
Author
Topic: Wireguard: 2FA Login Suggestion Poject (Read 3707 times)
Reiner030
Newbie
Posts: 49
Karma: 6
Wireguard: 2FA Login Suggestion Poject
«
on:
October 01, 2023, 06:39:30 pm »
Hi, neither OPNSense, pfSense nor windows/mac/linux clients can use 2FA for Wireguard because the service lucks of such "complicated feature"... which is sadly because OpenVPN limits clients traffic to usually around 16 MBit .
But there is a nice projected with a "2fa login page" which looks interesting and possible to implement as plugin for OPNsense:
https://github.com/NHAS/wag
Iit's iptables based but it shouldn't be too problematic to adopt such code for pf firewall rules for people which knows what to do?
Bests
Reiner
«
Last Edit: October 01, 2023, 06:42:12 pm by Reiner030
»
Logged
mimugmail
Hero Member
Posts: 6767
Karma: 494
Re: Wireguard: 2FA Login Suggestion Poject
«
Reply #1 on:
October 02, 2023, 06:17:07 am »
You can use the captive Portal for this
With UDP as transport and some tweaks also 90Mbit will be possible with Openvpn
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
Monviech (Cedrik)
Global Moderator
Hero Member
Posts: 1622
Karma: 178
Re: Wireguard: 2FA Login Suggestion Poject
«
Reply #2 on:
October 02, 2023, 08:19:06 am »
If you need even more performance use IPsec. I get 600mbit/s with my roadwarrior setups. (Wifi 6 Mu-Mimo 2x2 on Windows Laptops) and 300mbit/s on Android (Wifi 6 Mu-Mimo 1x1)
Logged
Hardware:
DEC740
Reiner030
Newbie
Posts: 49
Karma: 6
Re: Wireguard: 2FA Login Suggestion Poject
«
Reply #3 on:
April 19, 2024, 12:24:24 am »
Since OPNsense was not main task delayed answer
We are using IPSec for our "business" connection to other office without problems.
OpenVPN is used for our employees and only graphic department has as usual "performance problems" with their huge files ^^
Idea was to give a common project hint for Wireshark to improve speed/security for (home) users/admins with less experience within an easy setup.
It seems the last years that OpenVPN was "tuned" by default so 1-2 years ago we could fill up a German VDSL line bandwith of 100 MBits without problems but I am not sure if this is commonly possible.
While checking out some other OpenVPN tasks (this nice and very very unintuitive new "Connection GUI" ... which is clear when finally found to setup but behaves complete different than the old configuration templates) I found in this forum discussions about "loadbalanced OpenVPN servers" like in
https://openvpn.net/community-resources/implementing-a-load-balancing-failover-configuration/
given and also a maybe interesting OpenVPN loadbalancing tool/idea "AirVPN" and also a nice howto for a three-WAN loadbalanced IP tunnel :
https://nguvu.org/pfsense/pfsense-multi-vpn-wan/
Logged
hackse
Newbie
Posts: 1
Karma: 0
Re: Wireguard: 2FA Login Suggestion Poject
«
Reply #4 on:
May 04, 2024, 09:44:06 pm »
Have you checked Defguard:
https://defguard.net/
The also have a OPNsense plugin:
https://defguard.gitbook.io/defguard/admin-and-features/setting-up-your-instance/gateway#opnsense-plugin
Does anyone know the responsible company of Defguard:
https://teonite.com/about
Logged
fireplace
Newbie
Posts: 3
Karma: 0
Re: Wireguard: 2FA Login Suggestion Poject
«
Reply #5 on:
June 05, 2024, 04:59:11 pm »
Very Interesting Plug-In/Project. Have someone experience with it?
I can not find out how to configure it. Where to become the Defguard Token? And so further. I can not find in the Documentation how to do it in context of OPNSesne.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Virtual private networks
»
Wireguard: 2FA Login Suggestion Poject