- Login into the Pfsense admin portal
- Go to "Services" -> FreeRADIUS" -> "Users" -> "ADD"
- Enter the user name (Case Sensitive)
- No need to enter the password
- Enable "One-Time Password"
- Change OTP Auth Method to "Google-Authenticator"
- Click the " Generate OTP Secret"
- Enter a PIN code of your choosing
- Generate QR Code
- You can provide the user the QR using Screenshot or provide the "Init-Secret"
- Go to "OpenVPN" - "Client Export" and scroll to the bottom of the page
- Download the "Inline configuration: Most Clients"
- Go to the website OpenVPN Connect - VPN For Your Operating System | OpenVPN and download the client.
- Install the Client on the endpoint.
- Upload the configuration you downloaded in step 12
- Change the Profile name to a relevant name such as <Company - HQ>
- Add the username you just created
- Don't save your password
- When you are ask to enter a password enter the following <PIN><OTP>
You should see a successful connection
Create local SSL-VPN user with MFA Print
Created by: Gilad Schuster
Modified on: Wed, 4 Sep, 2024 at 1:25 PM
Did you find it helpful? Yes No
Send feedbackSorry we couldn't be helpful. Help us improve this article with your feedback.