Hello,
I've installed IPsec using connections. Authentication run over FreeRADIUS. Let me a few words explain. There are two user Profile, users and devs.
1. Radius check it in LDAP and generate an answer like this.
if(LDAP-Group == "devs") {
update reply { Class += "devs" }
}
if(LDAP-Group == "users") {
update reply { Class += "users" }
}
2. In the opnsense, under System->Access->Groups, i created the two groups. devs and users.
3. Under "VPN->IPsec->Connections" there are two connections. In "Remote Authentication" of each connection i set the Group i want to this conneciton.
This worked well since the last Update to 25.1.7_4. Into the log files i get this.
constraint check failed: group membership to 'devs' required
unacceptable: non-matching authentication done
Debug: If i take out the Group in the "Remote Authentication", then "Nothing selected" stand in the field, connect to the VPN work then.
Can some one help me? Wath is changed?