hello,
i asked about this three years ago but never got an answer.
is there any gl-inet router that support Openvpn + 2FA out of the box, not relying to install additional software packages or complex comand line configuration with PAM?
Add 2FA/MFA authentication for router
openvpn+2Fa is very important, so i have been forced to use opnsense, which has great built-in support for openvpn + 2FA. but it is x64 PC only, running freebsd, which is very, very pick about network cards, so it requires an addon pci card for network support
i currently own a microrouter and ar-ext750s and they have worked great for many years.
now, i am looking to upgrade my router, any suggestions?
thanks much, david
Use NICs using intel chips in the OPNsense box.
yes, that is what i do for that last few years, using a dual-nic pci card.
works great!
To answer your original question I have/do use Opal
& Beryl routers to do "password+OTP" auth back to OPNsense firewalls.
But it is a bit clumsy needing to edit the OpenVPN configuration before starting the tunnel.
It would be a nice addition if there were a config option to allow for the prompting for an OTP to be pre/post-fixed with the saved password.
thanks much, but that is not question, or issue. sorry, i think i was not clear about it...
i wanted to know if gl-inet GUI has built-in support for the following, same as opnsense.
with the opnsense router, using the official GUI, to create an openvpn server that requires clients connecting to use:
- client certificate
- username
- password
- 2FA TOTP token
or another router OS that does the same as opnsense, but does not require intel/amd x64 chipset and limited choices for networks interfaces.
based on website documents, ipfire has the same support but is very, very limited for support non-x64 hardware
OK.
I did not get that you wanted to run the Server end on the GL unit.
Not something I would do with my use case.