OpenVPN Support Forum

Community Support Forum
https://forums.openvpn.net/

Access Server MFA Audit

https://forums.openvpn.net/viewtopic.php?t=32756

Page 1 of 1

Access Server MFA Audit

Posted: Wed Aug 04, 2021 4:31 pm
by PQuintela
Hi, I recently deployed Google Authenticator on my Access Server installs and aside from a few hiccups it's been working great. One of those hiccups however was that users with old profiles are able to bypass the Authenticator requirements. Is there a way for me to see if users have an Authenticator tied to their account within either the web interface or the CLI? I'd like to give users who don't have one tied to their accounts a gentle shove in the right direction

Re: Access Server MFA Audit

Posted: Wed Aug 04, 2021 4:50 pm
by openvpn_inc
Hello PQuintela,

A 2FA bypass is a really serious thing. But I don't think that's what's actually happening here.

Can you verify that you are NOT using the 'openvpn' bootstrap account,
and that you have enabled Google Authenticator,
and that you restarted your Access Server(s) so the new setting is applied,
and that the 'old accounts' are not using autologin type profiles?

Kind regards,
Johan
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/