More actions
No edit summary |
No edit summary |
||
| Line 4: | Line 4: | ||
== Certificate Deployment == | == Certificate Deployment == | ||
It is highly recommended at A certificate authority be stood up on the firewall. In later steps, we will enable password and certificate authentication. When I was playing with this concept, I can confirm it worked without forcing a certificate check, but I would highly recommend that both methods be used. | |||
# Login to your OPNsense firewall. | # Login to your OPNsense firewall. | ||
Revision as of 00:36, 20 May 2024
History
The Network: Road Warrior VPN was setup to enable remote access to internal sysadminafterdark operations. After considerable research, we determined OpenVPN running on Hardware: SAD-HME-FW01 was the best choice for the business because it is highly documented, easy to setup, and integrates with Authentication: Microsoft NPS and Authentication: Cisco DUO. This entry describes how to pair these technologies with OpenVPN.
Certificate Deployment
It is highly recommended at A certificate authority be stood up on the firewall. In later steps, we will enable password and certificate authentication. When I was playing with this concept, I can confirm it worked without forcing a certificate check, but I would highly recommend that both methods be used.
- Login to your OPNsense firewall.