OpenVPN + 2FA + Radius Auth


Is it possible for OpenVPN to have RADIUS (Possible Microsoft RADIUS/NPS or FreeRADIUS) as an authentication method and with 2FA still, I have been reading the documentation but I can only see the LDAP as a method, but there might be work arounds now I suppose, or not?

Appreciate all your help and feedback.

Hi @inquirerguy

Welcome to the IPFire community.

On the wiki page related to Authentication methods there is PAM Authentication as well as LDAP Authentication.

There is a link to PAM authentication on OpenVPN at the bottom of that page

auth-pam description on OpenVPN

According to that link the openvpn auth pam module allows any authentication method supported by PAM and then lists LDAP, RADIUS, or Linux Shadow passwords as examples. There is a Radius addon available on IPFire.
That link talks about building the auth-pam plugin for openvpn which you don’t have to do as it is already prebuilt and available on IPFire by default.

I can’t help with actually doing it as I have no experience of that but it looks to be capable of being done.