That one's easy https://wiki.strongswan.org/projects/strongswan/wiki/EapRadius#Multiple-rounds
On 09.03.2017 16:09, Alex Sharaz wrote: > Would certainly like to hear if anyone has managed it using ikev1 and XAUTH > > A > > On 9 March 2017 at 11:54, Alex Sharaz <[email protected] > <mailto:[email protected]>> wrote: > > o.k. Was wondering because on our Juniper box a user logs on using their > normal credentials using the pulse secure app and then gets prompted for the > TOTP info afterwards. > Rgds > Alex > > > On 9 March 2017 at 11:47, Noel Kuntze <[email protected] > <mailto:[email protected]>> wrote: > > Please make sure to always have the list in CC or TO, as well as the > actual recipient. > > I'm not aware of any feature of any client that enables it to support > OTP and password auth at the same time. > Maybe other people know. With XAUTH, it is easy, because there's a > feature for that that enables IKE responders > to specify several form fields in the user interface. Maybe some > other person knows how to do that > and how to implement it in IKEv2. > > On 09.03.2017 12:32, Alex Sharaz wrote: > > ikev2 > > > > > > On 9 March 2017 at 11:31, Noel Kuntze <[email protected] > <mailto:[email protected]> <mailto:[email protected] > <mailto:[email protected]>>> wrote: > > > > Implement it on the RADIUS in the EAP method? Do you use > xauth-eap with eap-radius or do you use IKEv2? > > > > On 09.03.2017 10:25, Alex Sharaz wrote: > > > Probably too generic a question but has anyone integrated a > StronghSwan VPN service with the DUO Mobile TimeBase One Time Password (TOTP) > feature? > > > > > > Ideally want > > > > > > 1). x.509 cert to identify our VPN service to client > > > 2). use eap-radius method for ikev2 connections for user auth > > > 3). TOTP on top of that > > > 1 & 2 work just fine, just need to figure out how to do (3) > > > > > > Rgds > > > Alex > > > > > > > > > > > > > > > > > > _______________________________________________ > > > Users mailing list > > > [email protected] > <mailto:[email protected]> <mailto:[email protected] > <mailto:[email protected]>> > > > https://lists.strongswan.org/mailman/listinfo/users > <https://lists.strongswan.org/mailman/listinfo/users> > <https://lists.strongswan.org/mailman/listinfo/users > <https://lists.strongswan.org/mailman/listinfo/users>> > > > > > > > -- > > > > Mit freundlichen Grüßen/Kind Regards, > > Noel Kuntze > > > > GPG Key ID: 0x63EC6658 > > Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658 > > > > > > > > -- > > Mit freundlichen Grüßen/Kind Regards, > Noel Kuntze > > GPG Key ID: 0x63EC6658 > Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658 > > > > -- Mit freundlichen Grüßen/Kind Regards, Noel Kuntze GPG Key ID: 0x63EC6658 Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
