server default {
listen {
	type = auth
	ipaddr = *
	port = 0
	limit {
	      max_connections = 16
	      lifetime = 0
	      idle_timeout = 30
	}
}
listen {
	ipaddr = *
	port = 0
	type = acct
	limit {
	}
}
authorize {
	filter_username
	filter_google_totp
	ldap
	if (&Google-Password) {
		update control {
			&User-Password := "%{&Google-Password}"
			Auth-Type := PAP
		}
	}
}
authenticate {
	Auth-Type PAP {
		pap
		if (&Google-Password) {
			update request {
				&User-Password := "%{&Google-Password}"
			}
			pam
		} else {
			update reply {
				Reply-Message := "Login incorrect: TOTP Fail"
			}
			reject
		}
	}
	pam
}
}