Hello Peter!
I don't see any docs but probably can give you a directions:
1. Build OpenVPN with PAM auth support
2. Configure PAM with Google 2FA support - there are some libraries for
that on Github.
On Thu, Jan 16, 2020 at 8:56 PM Peter Fraser
wrote:
> Hi All
>
> I have been searching for
Hello!
Are there any way to connect MFA solution with push tokens - i.e. OpenVPN
server must wait while the end user is unlocking their phone and push some
button in the MFA application?
While ago I found that the older OpenVPN version was very sensitive to
authentication scripts runtime and
Hi!
Why don't you want to put a load balancer in front of your cluster? I
believe you can even run all openvpn instnces on same server (or a pair of,
just for redundancy). Nginx can balance openvpn clients just fine and limit
amount of backend connections, haproxy can work if you don't need UDP
Hello!
I've read a couple of guidelines regarding MFA with OpenVPN and all of them
mention that the 2nd factor could be either sent as password (with client
cert auth) or appended to the password string. Well, people tend to enter a
password when they see the password field.
At the moment the
Hi!
It would be really great to ship configs alongside the installer. The Play
market is not really a 'trusted' source when enterprise MDM is in action.
Thank you.
On Fri, Apr 16, 2021 at 3:56 PM Enno Gröper wrote:
> Hi,
>
> Am 16.04.21 um 14:42 schrieb Gert Doering:
> > Putting .ovpn configs
Hi!
You can hit wire speed if your chosen crypto works fast enough on your CPU.
Make sure that every component in the software stack lets you use your CPU
hardware encryption acceleration. I use iperf and wireshark for network
troubleshooting as it can let you narrow down to the bottleneck
Hello!
I'm looking for some way to configure *asynchronous* RADIUS authentication
to properly handle RADIUS server unavailability and probably
challenge-response MFA which demands humans-backed confirmation via RADIUS.
As RADIUS support is not a part of OpenVPN and there are a lot of outdated
Hello Gert!
We mind RADIUS for MFA and password checks. Having RADIUS just checking
password+OTP via external MFA works, however any time spent in RADIUS
communication for one client session means the traffic to other clients is
stuck, that is why I was asking 'what plugin is good'. I wonder if