I'm currently using a perl auth-user-pass-verify script to authenticate clients versus a Radius server. Then I use a client-connect script to authorize access to internal resources, i.e. I add the client ip address of the newly created tunnel to some zone in the firewall. Which zone is selected depends on the user.
I would like to get the zone where the user belongs to from the Radius reply attributes. I have these attributes passed me from the Radius server in the auth-user-pass-verify script. I'm thinking about writing them in some private file cache for later client-connect script use, but I'm wondering if there's some built-in functionality to record something from the auth-user-pass-verify script for later use in the other scripts or in the configuration.
How to customize and extend your OpenVPN installation.
2 posts • Page 1 of 1
- OpenVpn Newbie
- Posts: 1
- Joined: Wed Jun 22, 2016 5:27 am
- Forum Team
- Posts: 82
- Joined: Tue May 10, 2011 7:57 pm
- Location: Manila, Philippines
Please refer to radius documentation on how to configure radius for hungroups
"Never be bullied into silence. Never allow yourself to be made a victim. Accept no ones definition of you"