OpenVPN AS with Duo Security
Posted: Wed Feb 11, 2015 1:26 am
Hello everyone, I'm new to the forums and to Open VPN. I have successfully configured an OpenVPN AS on my instance of CentOS 6.6 and it's been working great! However, I'd like to add an additional layer of authentiction and I was considering Duo Security.
I attempted to setup a Duo Security integration with OpenVPN AS, but was unsuccessful. Per the instructions below it seems relatively simple. I setup an integration, which includes a integration key, security key and an api-hostname. I included those in the python script and ran the commands below, substituting the "admin_user" with an administrative user on my instance of openVPN AS.
When I attempt to authenticate, it does so successfully, but it does not prompt me for my Duo Security authentiction as I would expect. I ran the following commands after incorporating the script provided by duo security. Has anyone ever set this up that can offer some insight into any custom configuration that I may be missing on the OpenVPN end?
/usr/local/openvpn_as/scripts/sacli -a admin_username -k auth.module.post_auth_script --value_file=/usr/local/openvpn_as/scripts/duo_openvpn_as.py ConfigPut
/usr/local/openvpn_as/scripts/sacli -a admin_username Reset
Link to documentation:
https://www.duosecurity.com/docs/openvp ... curity.com
I attempted to setup a Duo Security integration with OpenVPN AS, but was unsuccessful. Per the instructions below it seems relatively simple. I setup an integration, which includes a integration key, security key and an api-hostname. I included those in the python script and ran the commands below, substituting the "admin_user" with an administrative user on my instance of openVPN AS.
When I attempt to authenticate, it does so successfully, but it does not prompt me for my Duo Security authentiction as I would expect. I ran the following commands after incorporating the script provided by duo security. Has anyone ever set this up that can offer some insight into any custom configuration that I may be missing on the OpenVPN end?
/usr/local/openvpn_as/scripts/sacli -a admin_username -k auth.module.post_auth_script --value_file=/usr/local/openvpn_as/scripts/duo_openvpn_as.py ConfigPut
/usr/local/openvpn_as/scripts/sacli -a admin_username Reset
Link to documentation:
https://www.duosecurity.com/docs/openvp ... curity.com