2-factor authentication with OpenVPN



  • I'm looking integrate 2-factor authentication using Google authenticator. This can be done on a standalone OpenVPN server, however I like the clean integration of OpenVPN with pfsense. Where can I edit the config files to integrate 2FA with my current OpenVPN setup? On a normal linux server, the command would just simply be:

    apt-get -y install openvpn libpam-google-authenticator
    

  • LAYER 8 Global Moderator

    use freeradius - set it up there.



  • i already have a dedicated RADIUS server integrated with Active Directory.

    is there still a purpose for freeradius and allow me to do 2FA?


  • LAYER 8 Global Moderator

    Then setup your 2fa there.. But if you don't want your openvpn integrated with that then sure you could run freerad on pfsense for your openvpn connection.



  • My RADIUS and AD is running from windows server 2008. There's no Google Authenticator package that can integrate with windows machine as far as i know.

    Thanks, I'll look into the freerad package for pfsense. If I do this, will I be able to configure freerad through commandline and use apt-get to install additional packages for the freerad?


Log in to reply