i’ve got some strange behaviour with the freeRadius-Auth an a Forti SSLVPN-Portal.
I get the Users from an AD/LDAP-Resolver.
I set this authentication-policy: [challenge_response: totp yubico yubikey, otppin:tokenpin] and it works perfectly with Google Authenticator (TOTP). But its not working if I try a Yubico-Token or with otppin: userstore.
Yubico is not the real problem, but for SSO I need the Userpassword…
Hope somebody can help.