Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Explorer

2FA and L2TP/IPSEC under Linux

Is there any way to connect to an enterprise VPN using L2TP over IPSEC in combination with 2 factor authentication under a recent Linux Desktop Distribution like Ubuntu?

Ubuntu provides the package network-manager-l2tp-gnome that could work but I still do not manage to etablish a connection because there seems to be no 2FA handling.

Anyone has such a setup working?

0 Kudos
5 Replies
Highlighted
Admin
Admin

We support use of strongSwan (Roadwarrier) and Libreswan 3.23, but not sure about 2FA

0 Kudos
Highlighted
Explorer

Thanks for your quick reply. I do consider myself as capable of configuring Libreswan but I do need to know if there is a chance for the 2FA (SMS token) part.

0 Kudos
Highlighted
Admin
Admin

You would need to be able to enter the password in one go (fixed password plus your MFA code) if it were to work at all.
There is no handling for multi-stage authentication that I'm aware of.
I would approach your local Check Point office with your precise requirements.

0 Kudos
Highlighted
Explorer

What a pity. What we are using is multi-stage authentication as the token comes with a cell phone text message after having entered a password.

Are there any future plans for providing a CheckPoint Linux solution to cover this scenario? At least for Ubuntu and Fedora?

0 Kudos
Highlighted
Admin
Admin

There are no plans to develop a native Linux VPN client.
Formal support for StrongSWAN is planned for R81 and I can’t say if it will include MFA support.
Recommend getting involved in the Production EA.

Existing formal support is limited to a customer release on R80.30.
The links Val provides above are community-developed instructions. 

0 Kudos