Authentication Method Question



  • Hello pfSense community.

    My question: Is it possible to authenticate OpenVPN users using active directory users/passwords AND a one-time generated password at the same time (two factors authentication) ? Where can I find documentation to accomplish this goal?

    Example:

    You have an AD user:

    user name: paulnewman
    password: somestrongstuff

    The user enters his PIN on a mobile application and receives a temporary code: 123456 This code is valid only for one minute or so.

    In order to start a VPN session, the user must enter these credentials:

    user: paulnewman

    password: somestrongstuff123456

    What I know:

    • There is a piece of software called Mobile-OTP that provides one-time password functionality. The freeRADIUS package supports mobile-OTP integration.

    • There are client applications (tokens) to generate the one-time codes on a cell phone (android, blackberry, etc.)

    What I don't know:

    • How active directory integration fits on this puzzle

    • The required steps to accomplish this task

    I'm using pfSense 2.1

    Thanks in advance for your suggestions.



  • Bump !

    Anybody?



  • I have same problem
    Please some body help


Log in to reply