On Mon, 2019-12-09 at 09:54 -0500, Frank Uccello wrote: > I was is there any simple way to set up openconnect as MFA VPN as > standalone cli Linux server > > I tried to google it and look at your archive but can not seem to > find these instructions Hi Frank, I'm not quite sure what you're asking for. OpenConnect is a VPN client. It can do MFA, and it can even use OATH tokens automatically, either software tokens (including SecureID) or using hardware like a Yubikey. If you're asking if it can work in a headless standalone mode, as a VPN client, on a server machine ... well yes, assuming you can automatically do whatever MFA your VPN server requires. And bear in mind that once you automate it and put it all in one place, it's not exactly "Multiple Factor" in any meaningful sense any more. If you're asking if we can set up a VPN *server* to do MFA authentication of clients, then yes using ocserv we can do that too. But it's any entirely different discussion.
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ openconnect-devel mailing list openconnect-devel@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/openconnect-devel
