OPNsense Forum

Archive => 20.7 Legacy Series => Topic started by: vikozo on August 30, 2020, 05:57:46 pm

Title: opnSense and UCS - Radius/DHCP/VPN rights
Post by: vikozo on August 30, 2020, 05:57:46 pm
Hello

I have UCS (Univention Corporate Server) running with User Management.
I also run a opnSense FW.

first,
i manage Radius and DHCP on my opnSense, would it be wise to move this function to the UCS itself?
It is possible to hold them on both place like a master and Backup system? if yes how?

Then
i have also the VPN on my opnSense, how to manage the userrights for VPN over UCS and giving the Information to the opnSense, how to add the Certificate back to the user. Goal would be a login into the VPN and get the cert.

How did you solved this challange?

have a nice day
vinc
Title: Re: opnSense and UCS - Radius/DHCP/VPN rights
Post by: vikozo on September 08, 2020, 08:40:47 am
any idea how to solve this challange?
Title: Re: opnSense and UCS - Radius/DHCP/VPN rights
Post by: vikozo on October 07, 2020, 03:02:17 pm
Hello
ok i think the best would be:
UCS hold the USER Management
opnSense keep DHCP and Radius!

But on a Unifi AP i have to define for wlan Access a Radius server and i am not sure what should be added there!
Basicly the AP is allready connected with Radius and so far this works.
This (on the Picture) would be needed to check the user login too, so i am a bit confused…

The SSID is fixed to a VLAN and the VLAN is known on the opnSense, with WPA the connection works - just without user authentication

have a nice day
vinc
Title: Re: opnSense and UCS - Radius/DHCP/VPN rights
Post by: Goombadave on November 05, 2020, 01:55:59 am
I do not have an answer for you however I have he same setup and also am looking for guidance on how best to have these play together.