Where to enter two factor code in client

Official client software for OpenVPN Access Server and OpenVPN Cloud.
Post Reply
VECCTOR
OpenVpn Newbie
Posts: 1
Joined: Fri Dec 02, 2022 5:34 am

Where to enter two factor code in client

Post by VECCTOR » Fri Dec 02, 2022 5:40 am

I have an OpenVPN server setup in OPNSense that include TOTP two-factor authentication. Where do I put the two-factor code in the OpenVPN Connect client?

I don't see anywhere to enter it and when I try to connect it doesn't bring up a prompt or anything - it just says "Authentication Failed".

User avatar
openvpn_inc
OpenVPN Inc.
Posts: 1332
Joined: Tue Feb 16, 2021 10:41 am

Re: Where to enter two factor code in client

Post by openvpn_inc » Fri Dec 02, 2022 7:27 am

Hello VECCTOR,

Most likely the authentication fails before you even get to the MFA. Once username/password authentication succeeds, then MFA should be requested. If username/password already fails, you may not even get an MFA request.

Kind regards,
Johan
Image OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support

MateoSJ
OpenVpn Newbie
Posts: 2
Joined: Wed Feb 15, 2023 10:51 pm

Re: Where to enter two factor code in client

Post by MateoSJ » Wed Feb 15, 2023 11:01 pm

I have the same problem. If my method for MFA is a code to enter, where do I put it? If my method is approving by authenticator or with phone call and pressing # to approve, it works fine. I need options for entering code? I am using Microsoft NPS setup with OpenVPN (PFSense)

robross0606
OpenVpn Newbie
Posts: 3
Joined: Wed Jan 13, 2016 9:36 pm

Re: Where to enter two factor code in client

Post by robross0606 » Fri Mar 15, 2024 1:59 pm

Same problem here with just about any daemon-based OpenVPN client. There simply doesn't seem to be a way to pass in static-challenge response to a daemon-based client.

Post Reply