探花大神

Contact Us
Help Center Home > Cloud RADIUS > Configure OpenVPN Access Server to Use Cloud RADIUS

Configure OpenVPN Access Server to Use Cloud RADIUS

探花大神 RADIUS gives you the power and security of RADIUS network authentication without the need for physical servers. Learn how to configure OpenVPN Access Server to use 探花大神 RADIUS for authentication.

Prerequisites:

Considerations

  • When using MFA for RADIUS authentication with OpenVPN:
    • Push MFA (探花大神 Protect) using MS-CHAPv2 is the recommended RADIUS authentication method in the OpenVPN configuration. 
    • TOTP MFA is not recommended for security reasons. See Authenticate to RADIUS with MFA to learn more. 

Configuring OpenVPN for RADIUS Authentication 

To configure OpenVPN Access Server to use 探花大神 RADIUS:

  1. Sign in to OpenVPN Admin Web UI. 
  2. Go to Authentication > RADIUS.
  3. Toggle On Enable RADIUS Authentication.
  4. Under RADIUS Server, enter the 探花大神 RADIUS server IP addresses. See 探花大神 RADIUS Server Details to learn more.

Tip:

Use multiple 探花大神 RADIUS IPs for redundancy.

  1. Enter the Shared Secret from your 探花大神 RADIUS server. To view the Shared Secret:
    1. Log in to the .
    2. Select USER AUTHENTICATION > RADIUS from the left-hand navigation.
    3. Click to select a configured RADIUS server.
    4. The Shared Secret is below Server Name. Click the eye to make the characters visible.
  2. Under RADIUS Authentication Method, select MS-CHAP v2

Note:

MS-CHAP v2 is the recommended authentication method. 

  1. Click Save Settings and Update Running Server
  2. Set RADIUS as the Access Server authentication method. See OpenVPN鈥檚 to learn more.

Testing OpenVPN Authentication 

The OpenVPN Access Server provides the command line utility "authcli" to validate your 探花大神 authentication and authorization configuration. 

PATH: /耻蝉谤/濒辞肠补濒/辞辫别苍惫辫苍冲补蝉/蝉肠谤颈辫迟蝉/补耻迟丑肠濒颈听

USAGE: authcli --user 探花大神_Username
macOS terminal using the authcli commands to test OpenVPN authentication.

Troubleshooting OpenVPN Authentication and Authorization 

For additional diagnostic information, you can enable Debug Level logging in the OpenVPN Access Server 'as.conf' configuration file, restart the service and review the log messages within the default "/var/log/openvpnas.log" file.

$ sudo echo "DEBUG_AUTH=true" >> /user/local/openvpn_as/etc/as.conf 
$ sudo service openvpnas restart 

When troubleshooting is complete, edit the configuration file to comment out the DEBUG reference, and restart the service to return to normal operation.

#DEBUG_AUTH=true 
$ sudo service openvpnas restart 

For additional information on troubleshooting authentication and enabling debug level logging, see to learn more.

Back to Top

List IconIn this Article

Notebook IconLearn More

RADIUS Configuration and Authentication

探花大神 RADIUS Server Details

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case