Hi all,
sorry we are new to openvpn and to the forum so please be patient.
We have setup a server on CENTOS 7 with 2FA we would like to know if it is possibile for some users to connect to the VPN just with the certificate (without user, passwd and 2FA) for a limited period of time......
Thanks for your help
The server configuration follows:
port 1194
proto udp
dev tun
user nobody
group nobody
persist-key
persist-tun
keepalive 10 120
topology subnet
server 10.0.8.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
ecdh-curve prime256v1
tls-crypt tls-crypt.key
crl-verify crl.pem
ca ca.crt
cert server_Grl54G36xGMu9lB0.crt
key server_Grl54G36xGMu9lB0.key
auth SHA256
cipher AES-128-GCM
ncp-ciphers AES-128-GCM
tls-server
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
dh none
ecdh-curve prime256v1
client-config-dir /etc/openvpn/ccd
status /var/log/openvpn/status.log
duplicate-cn
plugin /usr/lib64/openvpn/plugins/openvpn-plugin-auth-pam.so "openvpn login USERNAME password PASSWORD pin OTP"
verb 3
Skip 2FA user and password authentication
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
- OpenVpn Newbie
- Posts: 1
- Joined: Tue Jan 24, 2023 8:52 am