Authentication Method Question
-
Hello pfSense community.
My question: Is it possible to authenticate OpenVPN users using active directory users/passwords AND a one-time generated password at the same time (two factors authentication) ? Where can I find documentation to accomplish this goal?
Example:
You have an AD user:
user name: paulnewman
password: somestrongstuffThe user enters his PIN on a mobile application and receives a temporary code: 123456 This code is valid only for one minute or so.
In order to start a VPN session, the user must enter these credentials:
user: paulnewman
password: somestrongstuff123456
What I know:
-
There is a piece of software called Mobile-OTP that provides one-time password functionality. The freeRADIUS package supports mobile-OTP integration.
-
There are client applications (tokens) to generate the one-time codes on a cell phone (android, blackberry, etc.)
What I don't know:
-
How active directory integration fits on this puzzle
-
The required steps to accomplish this task
I'm using pfSense 2.1
Thanks in advance for your suggestions.
-
-
Bump !
Anybody?
-
I have same problem
Please some body help