Messages

I'm running OCserv for SSLVPN authentication with RADIUS on OPNsense 22.7.7

As authentication source am using an LDAP server. The setup is working fine and users can connect successfully using RADIUS+LDAP authentication and receive an IP address.

After I create the user account on the LDAP server I want force the user to change its assigned password on first login or if the account is already expired and he is trying to connect to VPN.

Is this possible to be done using Freeradius ?

I did not find any document or solution to explain if this can be done or if it is supported when using RADIUS+LDAP authentication for OCserv.

Thank you and kind regards,

This is my mini PC on which i'm running OPNsense https://www.aliexpress.com/item/4000627539297.html

Indeed I have a secondary COM 2 port which is DB-9 but the UGREEN USB to RS232, USB Serial Cable DB9 is not good for me since the second COM port is male DB-9 so I need a female DB-9 ending on the other side similar to this one https://www.aliexpress.com/item/32922249681.html?spm=a2g0o.cart.0.0.7c4e3c00k6MeLi&mp=1

I also heard that Ugreen has very good products and I also was looking at this https://www.ugreen.com/products/usb-2-0-to-rj45-console-cable which uses the well known FTDI chip instead of CH340. I have asked them if this cable can be used as null modem and I'm waiting for an answer from them.

Thanks for support

Usual way to test the serial adaptor cable is OK is to short the tx/rx pins ( not easy with an RJ45 ) and enter some data in putty, you should see the data come straight back  to you. You'd need to check the serial chip in mini pc and then see if there is a driver for it in  FreeBSD.

I have tried to manually short the RX/TX pins on the RJ-45 side of the cable and I only see some strange characters automatically being typed after I shortens these 2 pins Rx pin 2 and TX pin 3. I have checked this diagram for CH340 which I assume is correct https://wiki.kewl.org/dokuwiki/interfaces:ch340g
Inside OPNsense in dmesg output I see

Code Select Expand

cat /var/log/dmesg.today | grep uart
uart0: <16550 or compatible> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0
uart0: console (115200,n,8,1)

I also manually loaded in OPNsense the uchcom driver for this cable but still does not work.
I assume it might be an incompatibility or a driver issue.

Hello,

I have a similar issue. I have this mini PC https://ae01.alicdn.com/kf/H8870d53ce16d49ca8cb9795c717d0e7az.jpg on which I'm running OPNsense 20.7.1.

I want to access it over the serial COM 1 port and I have bought an USB to RJ45 console cable https://www.aliexpress.com/item/4000274169804.html?spm=a2g0s.9042311.0.0.785a4c4dzsp4wF and I tried to connect to it from Linux and Windows using minicom, picocom, screen, PuTTY and the connection is established but I cannot see anything on the console.

On both PC Windows and Linux PC I see the driver for this console cable is installed CH341.

On OPNsense GUI I have enabled the serial console, set speed 115200, checked also the Use USB-based serial ports option and set serial and primary console and VGA as secondary.

Does anyone know if this type of cable is not compatible and should I buy something else or I am doing something wrong ? Any recommendation ?

Thanks,

I just installed latest release of OPNsense 20.7 and it seems Unbound DNS blacklist do not work at all. No matter what lists I select from the dropdown list ads are still being displayed.

I believe e2guardian will be a great addition to OPNsense. I'm also waiting for this to be included in the plugins list.