This section provides the configuration information on integrating Advanced Authentication with OpenVPN virtual appliance. This integration secures the OpenVPN connection.
The following diagram represents Advanced Authentication in OpenVPN.
To configure the Advanced Authentication integration with OpenVPN perform the following configuration tasks:
Ensure that the following requirements are met:
OpenVPN v2 appliance (version 2.0.10 was used to prepare these instructions) is installed.
Advanced Authentication v5 appliance with a configured repository is installed.
Open the Advanced Authentication Administration portal.
Move one or more chains fromto list. Ensure that the chains are assigned to the appropriate group of users in of the section.
Specify anof the OpenVPN appliance.
Specify a secret and confirm it.
Add an IP address of the Advanced Authentication v5 appliance and specify the secret.
You must specify the <repository name>\<username> or only <username>, if you have set the following configurations:
You have selected a chain from thesection in the settings for connecting to OpenVPN.
You have set the default repository name inof the Advanced Authentication v5 appliance.
You must specify a <username> and space (you can specify the in the section of the Advanced Authentication v5 appliance), if you have set the following configurations:of the chain in the username after the
You have selected multiple chains from thesection for connecting to OpenVPN.
NOTE: For some authentication methods, the correct time must be configured on the OpenVPN appliance. You can sync the time of the OpenVPN appliance using the following commands:
Issue: While authenticating with the SMS method to connect to OpenVPN, after three successful authentications the user account is locked by OpenVPN.
Workaround: OpenVPN assumes each attempt of the challenge response (request of additional data in chain) as an error.
To resolve the issue, you must change the number of failures that can be accepted. For more information, see Authentication failure lockout policy.