Openvpn with 2FA extra challenge in Client

Started by yohighnest, March 28, 2023, 09:31:07 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
March 28, 2023, 09:31:07 AM
Hi,

anybody knows howto get the extra challenge working in the OpenVPN Client? I tried with Openvpn Connect V3 and Securepoint 2.0.38. As far is i know both Clients should be capable of asking for the otp token in a extra field.

I added:

static-challenge "TOTP Token" 1

in the server but this wasnt working. Any ideas?

March 28, 2023, 09:55:49 AM #1
At this point I think this looks like trolling more than anything.


Cheers,
Franco
March 28, 2023, 10:19:56 AM #2
lol franco i think we are becoming friends. please checkout

https://openvpn.net/cloud-docs/two-factor-authentication-on-profile-download-2/

in the openvpn cloud this is already working. securepoint utm and the client seem to be capable of it.

if a ui designer is seeing the solution of prefixing the totp token to the password, he probably wants to die.

so this is no trolling but a valid question.
March 28, 2023, 10:23:59 AM #3
March 28, 2023, 10:25:48 AM #4
This has to be done at the client, Tunnelblick for Mac already has a separate OTP field putting the OTP behind the password
March 28, 2023, 10:37:44 AM #5 Last Edit: March 28, 2023, 10:40:15 AM by yohighnest
thx this was helpfull.

the ui designer asks me why this is not setting in the config export?
March 28, 2023, 11:08:09 AM #6
It hasn't been explicitly requested and it could break your authentication so it was left as an advanced field option.


Cheers,
Franco
March 28, 2023, 04:11:37 PM #7
Quote from: yohighnest on March 28, 2023, 10:37:44 AM
thx this was helpfull.

the ui designer asks me why this is not setting in the config export?

TBH I wasn't aware of the config setting, maybe there could be room for another checkbox to add during config export, but as franco said, custom options is your friend and export options get stored in config :)

Welcome to open source :D
Print
Go Up Pages1
User actions