Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
17.7 Legacy Series
»
OpenVPN and RADIUS attributes
« previous
next »
Print
Pages: [
1
]
Author
Topic: OpenVPN and RADIUS attributes (Read 3911 times)
fabio
Newbie
Posts: 46
Karma: 2
OpenVPN and RADIUS attributes
«
on:
September 02, 2017, 05:24:25 pm »
Hi All,
I would like to push ip address and routes to OpenVPN accounts using a RADIUS server.
With the current OPNSense implementation is it possible assign them with the Framed-IP-Address and Framed-Route attrs ?
Looking the confiuration file seems the RADIUS server is just use to verify the password ... but maybe I'm wrong
Thanks
Logged
mimugmail
Hero Member
Posts: 6288
Karma: 432
Re: OpenVPN and RADIUS attributes
«
Reply #1 on:
September 02, 2017, 08:49:27 pm »
Yes, since Openvpn ignores these attributes
Logged
Twitter: mimu_muc
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
fabian
Hero Member
Posts: 2768
Karma: 199
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: OpenVPN and RADIUS attributes
«
Reply #2 on:
September 02, 2017, 09:11:38 pm »
OpenVPN does not get RADIUS tags. It authenticates against a generic OPNsense authentication script which checks username and password. However OpenVPN has an own file to connect usernames to IP addresses.
Logged
fabio
Newbie
Posts: 46
Karma: 2
Re: OpenVPN and RADIUS attributes
«
Reply #3 on:
September 03, 2017, 12:24:21 pm »
Yes, at the moment I'm using "Client Specific Overrides" to push IPs and routes.
The idea was store this data to and external LDAP (already used for authentication) to simplify the users management and maybe add some logics to the RADIUS reply
looking around I've seen that the openvpn-auth-radius plugin should add those functionality... but its not present in the repository
Anyay thanks for the quick reply
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
17.7 Legacy Series
»
OpenVPN and RADIUS attributes
