When I revert to the server and client config that work, LDAP authentication starts working again.
Something isn't right here. I think it is the client configuration; I'm half convinced that the client is passing the password and OTP information to the server as the password.
Here is the relevant part of the client file. Can anyone see what is wrong?
client
dev tun
proto udp
remote xxx.xxx.xxx.xxx 1194
tls-version-min 1.2
tls-cipher TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
auth SHA512
cipher AES-256-CBC
ignore-unknown-option block-outside-dns
block-outside-dns
verb 3
auth-user-pass
auth-nocache
reneg-sec 0
static-challenge "Enter Google Authenticator Token" 1