Openvpn + 2FA

Routers
1

hello,

i asked about this three years ago but never got an answer.

is there any gl-inet router that support Openvpn + 2FA out of the box, not relying to install additional software packages or complex comand line configuration with PAM?

Add 2FA/MFA authentication for router

openvpn+2Fa is very important, so i have been forced to use opnsense, which has great built-in support for openvpn + 2FA. but it is x64 PC only, running freebsd, which is very, very pick about network cards, so it requires an addon pci card for network support

i currently own a microrouter and ar-ext750s and they have worked great for many years.

now, i am looking to upgrade my router, any suggestions?

thanks much, david

2

Use NICs using intel chips in the OPNsense box.

3

yes, that is what i do for that last few years, using a dual-nic pci card.
works great!

4

To answer your original question I have/do use Opal
& Beryl routers to do "password+OTP" auth back to OPNsense firewalls.

But it is a bit clumsy needing to edit the OpenVPN configuration before starting the tunnel.

It would be a nice addition if there were a config option to allow for the prompting for an OTP to be pre/post-fixed with the saved password.

5

thanks much, but that is not question, or issue. sorry, i think i was not clear about it...

i wanted to know if gl-inet GUI has built-in support for the following, same as opnsense.

with the opnsense router, using the official GUI, to create an openvpn server that requires clients connecting to use:

  • client certificate
  • username
  • password
  • 2FA TOTP token

or another router OS that does the same as opnsense, but does not require intel/amd x64 chipset and limited choices for networks interfaces.

based on website documents, ipfire has the same support but is very, very limited for support non-x64 hardware

6

OK.
I did not get that you wanted to run the Server end on the GL unit.
Not something I would do with my use case.

7

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.