Do you happen to have active support from peplink? In my quest for getting DUO 2FA setup, I had to have them send me a custom firmware for some adjusted time out settings,etc.
The basics of this deployment would require you to have a server running the DUO proxy with ldap/ldaps look up enabled.
I couldnt get my radius setup properly but that’s another alternative also to get it implemented.
I have DUO proxy running on the server and it passes all connectivity steps for LDAP. Not sure how to have the L2TP VPN connections from the peplink use 2FA.
On your peplink device, under the network → Remote User Access
You would change authentication to LDAP server. You would then use the Duo Proxy as the LDAP target
A quick break down of the auth process would be :
Users request L2TP vpn connection to your pepwave
Pepwave directs LDAP look up to the DUO Proxy
DUO Proxy contacts your AD/LDAP server for auth
DUO sends push/prompt for access
Thank you so much. You are so helpful! I think my problem may be that my Peplink Balance 30 doesn’t remote user auth via LDAP/RADIUS. When I navigate there, I do not even see a setting for authentication,
I understand that this is an old thread but I have not had much luck finding information relating to 2FA/MFA or other methods for added security on VPN connections that are set up in Peplink devices such as Balance 20X and 310X. This thread did not provide much information on options such as the local user authentication in the Peplink device and or the types of VPN options, IPsec, OpenVPN etc. Considering the massive increase in cyber attacks I find it strange that Peplink hasn’t focused more on this and that a thread started in 2016 didn’t amount to anything. If information is available elsewhere I’d certainly like to know.