Re: [Openvpn-users] Clarification on auth-gen-token and 2FA

2017-01-27 Thread David Sommerseth
On 27/01/17 08:27, Gert Doering wrote: > Hi, > > On Fri, Jan 27, 2017 at 12:02:21AM +0100, David Sommerseth wrote: >> On 26/01/17 19:45, Gert Doering wrote: >>> On Thu, Jan 26, 2017 at 07:36:32PM +0100, David Sommerseth wrote: Anyhow ... quick-fix/workaround: Don't use --auth-nocache >>> >>>

Re: [Openvpn-users] Clarification on auth-gen-token and 2FA

2017-01-26 Thread Gert Doering
Hi, On Fri, Jan 27, 2017 at 12:02:21AM +0100, David Sommerseth wrote: > On 26/01/17 19:45, Gert Doering wrote: > > On Thu, Jan 26, 2017 at 07:36:32PM +0100, David Sommerseth wrote: > >> Anyhow ... quick-fix/workaround: Don't use --auth-nocache > > > > What happens if you have --auth-nocache, the

Re: [Openvpn-users] Clarification on auth-gen-token and 2FA

2017-01-26 Thread Gert Doering
Hi, On Thu, Jan 26, 2017 at 07:36:32PM +0100, David Sommerseth wrote: > Anyhow ... quick-fix/workaround: Don't use --auth-nocache What happens if you have --auth-nocache, the server sends a token, and the token expires? Will the client get something back that it can understand as "oh, I need to

Re: [Openvpn-users] Clarification on auth-gen-token and 2FA

2017-01-25 Thread Gert Doering
Hi, On Wed, Jan 25, 2017 at 12:28:25PM -0800, Scott Crooks wrote: > 2. Does having `auth-nocache` on the client side conflict with > `auth-gen-token` ? Do I need to remove `auth-nocache` from the client side > to utilize the benefits of `auth-gen-token` ? As far as I understand (and I have not