NHAS / wag

Simple Wireguard 2FA
BSD 3-Clause "New" or "Revised" License

Redirect to MFA URL after activating wireguard. #41

Closed FastLaneFever closed 1 year ago

FastLaneFever commented 1 year ago

Hello! I loved this feature and we are using it in real time. But I was looking for a feature where we can redirect to the MFA URL after activating WireGuard on Windows as well as Ubuntu.

NHAS commented 1 year ago

Short answer is: No.

Longer answer is: eBPF makes this very difficult to do; the easiest action is to simply drop traffic. I suspect I could accomplish this by using the XDP_TX or XDP_REDIRECT directives to maybe do something like this; however, those are typically good for just altering a single packet and sending it back to the client.

So you could do something like send a RST or quick close the connection rather than letting it hang forever which is annoying.

Also glad to hear you're using it!

NHAS commented 1 year ago

You'd also need to give the VPN a TLS root cert if you wanted to do redirections with HTTPS, and it wouldn't be so graceful with protocols that aren't HTTP/HTTPS.

NHAS commented 1 year ago

Actually I take back the bit about using the special directives. I can probably just edit the packet directly. Seems neat

FastLaneFever commented 1 year ago

Hello. @NHAS

I am facing an issue with MFA.

I have created a WireGuard profile and then I tried connecting to MFA. Now it is showing me that the device is locked.

When I am trying to load a new profile, it is not showing me the QR to scan.

I am using Windows.

NHAS commented 1 year ago

Hi, this issue is not the place to report bugs.

Please open a new issue and I'll give you a hand there :)

NHAS commented 1 year ago

After a bit of digging, I don't think this is technically feasible, unfortunately. Sorry!