47j16 (47j16) asked a question.
Inquiry Regarding LDAP Integration with OpenVPN Access Server
We wanted to see if the following set up is possible. "Can you integrate your own windows LDAP server with Okta and allow users to authenticate by having an SMS sent to the phone upon verification request when signing into OpenVPN access server client?"
Example
- User signs into Open VPN from PC.
- OpenVPN reaches out to Okta and Okta sees our LDAP server has that users credentials.
- User gets verification request SMS triggered by Okta integration to OpenVPN Access Server.
- User enters the SMS and is now allowed to use the VPN connection.
We stumbled across the below article but it seems that this may be LDAP using only Okta user accounts and not a windows OS with active directory link
https://openvpn.net/vpn-server-resources/integrate-okta-with-openvpn-access-server-via-ldap/
Hi Shawn,
You can integrate the OpenVPN application with Okta using RADIUS authentication with SMS as an MFA: https://openvpn.net/vpn-server-resources/integrate-okta-with-openvpn-access-server-via-radius/ . Since RADIUS is represented in Okta as an application , you can assign LDAP mastered users to this application, so in theory this configuration can be achieved.
However, I would strongly recommend opening up a case with us if you have any additional questions about this configuration.
Have a great day ahead.