Welcome to the Linux Foundation Forum!

IKE-VPN via specific ldap-auth

Good mornin'!

I want to implement a vpn for remote-access-purposes (end-to-site) for a bunch of people via ikev2.
The auth could work via Certs AND via LDAP (-> multi-factors).

On top of that I want to assign a separate password (only for vpn!) to everyone, so they don't have to use their "regular" ldap-pw.
Maybe by adding a new hashed-pw field at ldap.

Have you got any clues how to manage it?

Do you think I'll need a radius in between?

Thank you,
kind regards,
alex

Answers

  • When using LDAP, I advise you to pay special attention to security protocols. of course, it is better to use adfs as a way to generate one-time passwords using two-factor authentication with the use of various tokens.this method has the property of working with the same Radius.

Sign In or Register to comment.