OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 20.7 Legacy Series »
  • opnSense and UCS - Radius/DHCP/VPN rights
« previous next »
  • Print
Pages: [1]

Author Topic: opnSense and UCS - Radius/DHCP/VPN rights  (Read 1695 times)

vikozo

  • Full Member
  • ***
  • Posts: 211
  • Karma: 5
    • View Profile
    • wombat.ch
opnSense and UCS - Radius/DHCP/VPN rights
« on: August 30, 2020, 05:57:46 pm »
Hello

I have UCS (Univention Corporate Server) running with User Management.
I also run a opnSense FW.

first,
i manage Radius and DHCP on my opnSense, would it be wise to move this function to the UCS itself?
It is possible to hold them on both place like a master and Backup system? if yes how?

Then
i have also the VPN on my opnSense, how to manage the userrights for VPN over UCS and giving the Information to the opnSense, how to add the Certificate back to the user. Goal would be a login into the VPN and get the cert.

How did you solved this challange?

have a nice day
vinc
Logged
apu2c4 / wle200nx / 240 Disk --> Firewall | FW-03
---
OPNsense 22.1.6-amd64
FreeBSD 13.0-STABLE
OpenSSL 1.1.1n 15 Mar 2022

vikozo

  • Full Member
  • ***
  • Posts: 211
  • Karma: 5
    • View Profile
    • wombat.ch
Re: opnSense and UCS - Radius/DHCP/VPN rights
« Reply #1 on: September 08, 2020, 08:40:47 am »
any idea how to solve this challange?
Logged
apu2c4 / wle200nx / 240 Disk --> Firewall | FW-03
---
OPNsense 22.1.6-amd64
FreeBSD 13.0-STABLE
OpenSSL 1.1.1n 15 Mar 2022

vikozo

  • Full Member
  • ***
  • Posts: 211
  • Karma: 5
    • View Profile
    • wombat.ch
Re: opnSense and UCS - Radius/DHCP/VPN rights
« Reply #2 on: October 07, 2020, 03:02:17 pm »
Hello
ok i think the best would be:
UCS hold the USER Management
opnSense keep DHCP and Radius!

But on a Unifi AP i have to define for wlan Access a Radius server and i am not sure what should be added there!
Basicly the AP is allready connected with Radius and so far this works.
This (on the Picture) would be needed to check the user login too, so i am a bit confused…

The SSID is fixed to a VLAN and the VLAN is known on the opnSense, with WPA the connection works - just without user authentication

have a nice day
vinc
« Last Edit: October 07, 2020, 03:05:27 pm by vikozo »
Logged
apu2c4 / wle200nx / 240 Disk --> Firewall | FW-03
---
OPNsense 22.1.6-amd64
FreeBSD 13.0-STABLE
OpenSSL 1.1.1n 15 Mar 2022

Goombadave

  • Newbie
  • *
  • Posts: 18
  • Karma: 0
    • View Profile
Re: opnSense and UCS - Radius/DHCP/VPN rights
« Reply #3 on: November 05, 2020, 01:55:59 am »
I do not have an answer for you however I have he same setup and also am looking for guidance on how best to have these play together.
Logged

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 20.7 Legacy Series »
  • opnSense and UCS - Radius/DHCP/VPN rights
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2