Hello guys
I'm trying to extend the security of my VPN including MFA with Google Authenticator.
Currently I run a Debian server that works fine with my LDAP environment, I want to know if is possible to achieve that with community edition,
I have done some researches about how to implement OpenVPN + LDAP + MFA, can somebody telme if is this possible and if so point me to the right direction?
It is possible to mix ldap and MFA with google authenticator in Community Edition?
-
wagnergt12
- OpenVpn Newbie
- Posts: 1
- Joined: Mon May 24, 2021 6:51 pm
-
nothing
- OpenVpn Newbie
- Posts: 4
- Joined: Thu Oct 09, 2014 12:46 pm
Re: It is possible to mix ldap and MFA with google authenticator in Community Edition?
Yes, that is possible.
You should install libpam-google-authenticator, freeradius, sssd, sssd-tools, libnss-sss, libpam-sss, realmd, adcli...
Then join your debian PC to AD (using "realm join..."), configure freeradius with pam authentication and use it as "external" authentication method in openvpn configuration.
You should install libpam-google-authenticator, freeradius, sssd, sssd-tools, libnss-sss, libpam-sss, realmd, adcli...
Then join your debian PC to AD (using "realm join..."), configure freeradius with pam authentication and use it as "external" authentication method in openvpn configuration.