Hi All,
I would like to push ip address and routes to OpenVPN accounts using a RADIUS server.
With the current OPNSense implementation is it possible assign them with the Framed-IP-Address and Framed-Route attrs ?
Looking the confiuration file seems the RADIUS server is just use to verify the password ... but maybe I'm wrong
Thanks
Yes, since Openvpn ignores these attributes
OpenVPN does not get RADIUS tags. It authenticates against a generic OPNsense authentication script which checks username and password. However OpenVPN has an own file to connect usernames to IP addresses.
Yes, at the moment I'm using "Client Specific Overrides" to push IPs and routes.
The idea was store this data to and external LDAP (already used for authentication) to simplify the users management and maybe add some logics to the RADIUS reply
looking around I've seen that the openvpn-auth-radius plugin should add those functionality... but its not present in the repository
Anyay thanks for the quick reply