diff options
| author | Christian Poessinger <christian@poessinger.com> | 2022-04-09 13:42:17 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-04-09 13:42:17 +0200 |
| commit | 139ab816466053d73cb8a68fe4af3de39d98d306 (patch) | |
| tree | 3c4d301633c2307e677b4266dfe1ca5094717b76 /interface-definitions/vpn_openconnect.xml.in | |
| parent | f9ebccd2ef0b144617b5f4acf79d37502114d34a (diff) | |
| parent | 1da9cc02d7c83898c267070618e2cc91e16eb1cf (diff) | |
| download | vyos-1x-139ab816466053d73cb8a68fe4af3de39d98d306.tar.gz vyos-1x-139ab816466053d73cb8a68fe4af3de39d98d306.zip | |
Merge pull request #1242 from goodNETnick/ocserv_local_otp
ocserv: T4231: Added OTP support for Openconnect 2FA
Diffstat (limited to 'interface-definitions/vpn_openconnect.xml.in')
| -rw-r--r-- | interface-definitions/vpn_openconnect.xml.in | 50 |
1 files changed, 34 insertions, 16 deletions
diff --git a/interface-definitions/vpn_openconnect.xml.in b/interface-definitions/vpn_openconnect.xml.in index f418f5d75..05458ed34 100644 --- a/interface-definitions/vpn_openconnect.xml.in +++ b/interface-definitions/vpn_openconnect.xml.in @@ -13,25 +13,43 @@ <help>Authentication for remote access SSL VPN Server</help> </properties> <children> - <leafNode name="mode"> + <node name="mode"> <properties> <help>Authentication mode used by this server</help> - <valueHelp> - <format>local</format> - <description>Use local username/password configuration</description> - </valueHelp> - <valueHelp> - <format>radius</format> - <description>Use RADIUS server for user autentication</description> - </valueHelp> - <constraint> - <regex>^(local|radius)$</regex> - </constraint> - <completionHelp> - <list>local radius</list> - </completionHelp> </properties> - </leafNode> + <children> + <leafNode name="local"> + <properties> + <help>Use local username/password configuration (OTP supported)</help> + <valueHelp> + <format>password</format> + <description>Password-only local authentication</description> + </valueHelp> + <valueHelp> + <format>otp</format> + <description>OTP-only local authentication</description> + </valueHelp> + <valueHelp> + <format>password-otp</format> + <description>Password (first) + OTP local authentication</description> + </valueHelp> + <constraint> + <regex>^(password|otp|password-otp)$</regex> + </constraint> + <constraintErrorMessage>Invalid authentication mode. Must be one of: password, otp or password-otp </constraintErrorMessage> + <completionHelp> + <list>otp password password-otp</list> + </completionHelp> + </properties> + </leafNode> + <leafNode name="radius"> + <properties> + <help>Use RADIUS server for user autentication</help> + <valueless/> + </properties> + </leafNode> + </children> + </node> #include <include/auth-local-users.xml.i> #include <include/radius-server-ipv4.xml.i> <node name="radius"> |