Welcome, Guest. Please login or register.
Did you miss your activation email?
Saturday 21 December 2024, 08:55:57 pm

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14262 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  VPN Support
| | |-+  two factor authentication in efw 2.4
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: two factor authentication in efw 2.4  (Read 12928 times)
rosch
Full Member
***
Offline Offline

Gender: Male
Posts: 20



« on: Monday 08 August 2011, 07:59:18 pm »

Hi there,

I have trouble getting two factor authentication to work in endian 2.4.1.
PSK is working and so is certificate only.
The client conf:
Code:
tls-client
dev tap
proto udp
remote server 1194
resolv-retry 2
nobind
user nobody
group nogroup
persist-key
persist-tun
pkcs12 client.p12
auth-user-pass
pull
comp-lzo
verb 3
The server conf:
Code:
daemon
mode server
tls-server
proto udp
port 1194
multihome
user nobody
group nobody
cd /var/openvpn
client-config-dir clients
script-security 2 system
dev tap0
server-bridge ip mask ip_from ip_to
push "route-gateway ip"
passtos
comp-lzo
management 127.0.0.1 5555
keepalive 8 30
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
persist-local-ip
persist-remote-ip
writepid /var/run/openvpn/openvpn.pid
ifconfig-pool-persist openvpn.leases
status /var/log/openvpn/openvpn-status.log
verb 1
client-connect "/usr/local/bin/dir.d-exec /etc/openvpn/client-connect.d/"
client-disconnect "/usr/local/bin/dir.d-exec /etc/openvpn/client-disconnect.d/"
dh /var/efw/openvpn/dh1024.pem
pkcs12 /var/efw/openvpn/pkcs12.p12
auth-user-pass-verify "/usr/bin/openvpn-auth" via-file
username-as-common-name

I generated the certificates with the easy-rsa folder of the openvpn installation; then I imported the p12 file from the endian web-interface.
I manually copied the dh file to /var/efw/openvpn/ but didn't help.
Here is the end of the log I am getting:
Code:
[server Peer Connection Initiated with [AF_INET]ip_address:1194
SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
AUTH: Received AUTH_FAILED control message
TCP/UDP: Closing socket
SIGTERM[soft,auth-failure] received, process exiting

many thanks for any help.
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.047 seconds with 18 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com