Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
Openvpn with 2FA extra challenge in Client
« previous
next »
Print
Pages: [
1
]
Author
Topic: Openvpn with 2FA extra challenge in Client (Read 1747 times)
yohighnest
Newbie
Posts: 16
Karma: 0
Openvpn with 2FA extra challenge in Client
«
on:
March 28, 2023, 09:31:07 am »
Hi,
anybody knows howto get the extra challenge working in the OpenVPN Client? I tried with Openvpn Connect V3 and Securepoint 2.0.38. As far is i know both Clients should be capable of asking for the otp token in a extra field.
I added:
static-challenge "TOTP Token" 1
in the server but this wasnt working. Any ideas?
Logged
franco
Administrator
Hero Member
Posts: 17665
Karma: 1611
Re: Openvpn with 2FA extra challenge in Client
«
Reply #1 on:
March 28, 2023, 09:55:49 am »
At this point I think this looks like trolling more than anything.
Cheers,
Franco
Logged
yohighnest
Newbie
Posts: 16
Karma: 0
Re: Openvpn with 2FA extra challenge in Client
«
Reply #2 on:
March 28, 2023, 10:19:56 am »
lol franco i think we are becoming friends. please checkout
https://openvpn.net/cloud-docs/two-factor-authentication-on-profile-download-2/
in the openvpn cloud this is already working. securepoint utm and the client seem to be capable of it.
if a ui designer is seeing the solution of prefixing the totp token to the password, he probably wants to die.
so this is no trolling but a valid question.
Logged
franco
Administrator
Hero Member
Posts: 17665
Karma: 1611
Re: Openvpn with 2FA extra challenge in Client
«
Reply #3 on:
March 28, 2023, 10:23:59 am »
Perhaps
See
https://github.com/opnsense/core/issues/3290#issuecomment-470026999
from 2019.
Cheers,
Franco
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: Openvpn with 2FA extra challenge in Client
«
Reply #4 on:
March 28, 2023, 10:25:48 am »
This has to be done at the client, Tunnelblick for Mac already has a separate OTP field putting the OTP behind the password
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
yohighnest
Newbie
Posts: 16
Karma: 0
Re: Openvpn with 2FA extra challenge in Client
«
Reply #5 on:
March 28, 2023, 10:37:44 am »
thx this was helpfull.
the ui designer asks me why this is not setting in the config export?
«
Last Edit: March 28, 2023, 10:40:15 am by yohighnest
»
Logged
franco
Administrator
Hero Member
Posts: 17665
Karma: 1611
Re: Openvpn with 2FA extra challenge in Client
«
Reply #6 on:
March 28, 2023, 11:08:09 am »
It hasn't been explicitly requested and it could break your authentication so it was left as an advanced field option.
Cheers,
Franco
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: Openvpn with 2FA extra challenge in Client
«
Reply #7 on:
March 28, 2023, 04:11:37 pm »
Quote from: yohighnest on March 28, 2023, 10:37:44 am
thx this was helpfull.
the ui designer asks me why this is not setting in the config export?
TBH I wasn't aware of the config setting, maybe there could be room for another checkbox to add during config export, but as franco said, custom options is your friend and export options get stored in config
Welcome to open source
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
Openvpn with 2FA extra challenge in Client