Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
17.7 Legacy Series
»
OpenVPN and RADIUS attributes
« previous
next »
Print
Pages: [
1
]
Author
Topic: OpenVPN and RADIUS attributes (Read 1965 times)
fabio
Newbie
Posts: 43
Karma: 2
OpenVPN and RADIUS attributes
«
on:
September 02, 2017, 05:24:25 pm »
Hi All,
I would like to push ip address and routes to OpenVPN accounts using a RADIUS server.
With the current OPNSense implementation is it possible assign them with the Framed-IP-Address and Framed-Route attrs ?
Looking the confiuration file seems the RADIUS server is just use to verify the password ... but maybe I'm wrong
Thanks
Logged
mimugmail
Hero Member
Posts: 3760
Karma: 271
Re: OpenVPN and RADIUS attributes
«
Reply #1 on:
September 02, 2017, 08:49:27 pm »
Yes, since Openvpn ignores these attributes
Logged
IRC: mimugmail
Twitter: mimu_muc
WWW:
www.routerperformance.net
fabian
Hero Member
Posts: 2310
Karma: 165
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: OpenVPN and RADIUS attributes
«
Reply #2 on:
September 02, 2017, 09:11:38 pm »
OpenVPN does not get RADIUS tags. It authenticates against a generic OPNsense authentication script which checks username and password. However OpenVPN has an own file to connect usernames to IP addresses.
Logged
fabio
Newbie
Posts: 43
Karma: 2
Re: OpenVPN and RADIUS attributes
«
Reply #3 on:
September 03, 2017, 12:24:21 pm »
Yes, at the moment I'm using "Client Specific Overrides" to push IPs and routes.
The idea was store this data to and external LDAP (already used for authentication) to simplify the users management and maybe add some logics to the RADIUS reply
looking around I've seen that the openvpn-auth-radius plugin should add those functionality... but its not present in the repository
Anyay thanks for the quick reply
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
17.7 Legacy Series
»
OpenVPN and RADIUS attributes
