MFA for openvpn admin user when using LDAP & DUO?

Business solution to host your own OpenVPN server with web management interface and bundled clients.
Post Reply
stech4114
OpenVpn Newbie
Posts: 7
Joined: Mon May 09, 2022 12:26 pm

MFA for openvpn admin user when using LDAP & DUO?

Post by stech4114 » Mon May 09, 2022 12:27 pm

Is there a way to enable MFA for the openvpn admin user when using DUO for users via LDAP & AD. The openvpn admin account is local. Thank you.

User avatar
openvpn_inc
OpenVPN Inc.
Posts: 1332
Joined: Tue Feb 16, 2021 10:41 am

Re: MFA for openvpn admin user when using LDAP & DUO?

Post by openvpn_inc » Mon May 09, 2022 3:07 pm

Hello stech4114,

Yes. Same way as all the other users. If you use an Access Server version 2.10 or higher. And remove the openvpn account from as.conf and make it a 'normal' account instead of a bootstrap account in as.conf.

Kind regards,
Johan
Image OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support

stech4114
OpenVpn Newbie
Posts: 7
Joined: Mon May 09, 2022 12:26 pm

Re: MFA for openvpn admin user when using LDAP & DUO?

Post by stech4114 » Mon May 09, 2022 5:02 pm

openvpn_inc wrote:
Mon May 09, 2022 3:07 pm
Hello stech4114,

Yes. Same way as all the other users. If you use an Access Server version 2.10 or higher. And remove the openvpn account from as.conf and make it a 'normal' account instead of a bootstrap account in as.conf.

Kind regards,
Johan
Can you elaborate on this please?

User avatar
openvpn_inc
OpenVPN Inc.
Posts: 1332
Joined: Tue Feb 16, 2021 10:41 am

Re: MFA for openvpn admin user when using LDAP & DUO?

Post by openvpn_inc » Tue May 10, 2022 4:43 pm

Hey stech4114,

There's a lot of information to convey, so probably better if you read the documentation section here titled "Secure the openvpn administrative user account" first:
https://openvpn.net/vpn-server-resource ... er-account

You should be able to find all you need there. If not let me know which part you need clarification on.

Kind regards,
Johan
Image OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support

Post Reply