Hi We are trying to integrate with JumpCloud's RADIUS services in to order to provide MFA/2FA integration for OpenVPN services Our RADIUS client is a PfSense appliance on AWS that doesn't support EAP-TTLS. Due to the need to support OTP, we are limited to the PAP protocol What we're interested in doing is setting an intermediary FreeRadius proxy in between, that'll accept PAP authentication request from our local appliance and proxy them to the remote endpoint encapsulated in EAP-TTLS requests (we have the remote endpoint server certificate): +----------------------+ +----------------------+ +-----------------------------+ | | | | | | | PfSense VPN | PAP | FreeRADIUS | EAP-TTLS/PAP | JumpCloud RADIUS | | +----------------> +-------------------------> | | Appliance | | Proxy | | Server | | | | | | | +----------------------+ +----------------------+ +-----------------------------+ I've successfully got standard PAP proxying working, but I have no clue as to how to get EAP-TTLS encapsulation working 1) Is such proxying setup even possible? 2) If so, could anyone please provide me with some general guidelines as to how to get such setup working? 10x -- Best Regards Idan Sheinberg Professional Coder