• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

2-factor authentication with OpenVPN

Scheduled Pinned Locked Moved OpenVPN
5 Posts 2 Posters 1.5k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • A
    AxSD
    last edited by Oct 17, 2017, 7:18 PM

    I'm looking integrate 2-factor authentication using Google authenticator. This can be done on a standalone OpenVPN server, however I like the clean integration of OpenVPN with pfsense. Where can I edit the config files to integrate 2FA with my current OpenVPN setup? On a normal linux server, the command would just simply be:

    apt-get -y install openvpn libpam-google-authenticator
    1 Reply Last reply Reply Quote 0
    • J
      johnpoz LAYER 8 Global Moderator
      last edited by Oct 17, 2017, 8:30 PM

      use freeradius - set it up there.

      An intelligent man is sometimes forced to be drunk to spend time with his fools
      If you get confused: Listen to the Music Play
      Please don't Chat/PM me for help, unless mod related
      SG-4860 24.11 | Lab VMs 2.7.2, 24.11

      1 Reply Last reply Reply Quote 0
      • A
        AxSD
        last edited by Oct 17, 2017, 9:51 PM

        i already have a dedicated RADIUS server integrated with Active Directory.

        is there still a purpose for freeradius and allow me to do 2FA?

        1 Reply Last reply Reply Quote 0
        • J
          johnpoz LAYER 8 Global Moderator
          last edited by Oct 18, 2017, 8:08 AM

          Then setup your 2fa there.. But if you don't want your openvpn integrated with that then sure you could run freerad on pfsense for your openvpn connection.

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.7.2, 24.11

          1 Reply Last reply Reply Quote 0
          • A
            AxSD
            last edited by Oct 18, 2017, 4:44 PM

            My RADIUS and AD is running from windows server 2008. There's no Google Authenticator package that can integrate with windows machine as far as i know.

            Thanks, I'll look into the freerad package for pfsense. If I do this, will I be able to configure freerad through commandline and use apt-get to install additional packages for the freerad?

            1 Reply Last reply Reply Quote 0
            5 out of 5
            • First post
              5/5
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
              This community forum collects and processes your personal information.
              consent.not_received