[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] openVPN + OTP


  • Subject: Re: [Openvpn-users] openVPN + OTP
  • From: "Sunil S" <sunils@xxxxxxxxxx>
  • Date: Fri, 29 Jun 2007 09:44:04 +0530

Hi All,

Yes, RSA ACE server with Radius is the right solution.  BUT, keep in mind, there seems to be no way of letting the OpenVPN user see the challenges thrown by RSA Radius such as next token code request, new PIN etc.. 

Please see earlier mailing list communications below:

http://openvpn.net/archive/openvpn-users/2006-05/msg00038.html
http://openvpn.net/archive/openvpn-users/2007-01/msg00254.html

Regs

Sunil


>>> "Nick Owen" <nowen@xxxxxxxxxxxxxxxx> 06/29/07 3:01 AM >>>
On 6/28/07, jamal ayach <jamal.ayach@xxxxxxxx> wrote:
> Hi all,
>
> Is openvpn-2.0.9 compatible with One Time Passwords such as RSA dynamic
> tokens ?
> I need to set up an openvpn server with tow-factor Two-Factor
> Authentication (password + ACE Server token).

Radius is the way to go.  I have a write up on how to do this with
WiKID one-time passwords, but you should be abel to use it with
SecurID as well:

http://www.wikidsystems.com/documentation/howtos/openvpn_two_factor/ 

A slightly longer, more detailed version is here:
http://www.howtoforge.com/openvpn_wikid_strong_authentication 

HTH,

nick
______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users

______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users