Using RADIUS with Group, Permissions and IP Assignment

Business solution to host your own OpenVPN server with web management interface and bundled clients.
Post Reply
gary.steers@gtt.net
OpenVpn Newbie
Posts: 1
Joined: Mon Feb 04, 2019 2:23 pm

Using RADIUS with Group, Permissions and IP Assignment

Post by gary.steers@gtt.net » Tue Mar 17, 2020 5:18 pm

All,

I had previously used a similar guide to below to get RADIUS with Groups support working:
https://openvpn.net/vpn-server-resource ... post_auth/

The previous one had an AD.py instead of the python attached, however as of 2.75 (and as far forward as 2.8.2) this is no longer working

I have updated the script and it is now working, an updated version can be found on my github:
https://github.com/garysteers/openvpn-a ... mapping.py

Hopw this helps a few people out...

Logicwrath
OpenVpn Newbie
Posts: 1
Joined: Tue Mar 17, 2020 6:57 pm

Re: Using RADIUS with Group, Permissions and IP Assignment

Post by Logicwrath » Tue Mar 17, 2020 7:22 pm

I have RADIUS authentication enabled and it seems to work. I used the same article you posted to set this up.

When I ./authcli as as admin user I can authenticate but it does not allow the user to logon to the Admin web interface.

API METHOD: authenticate
AUTH_RETURN
status : SUCCEED
session_id : AS_gZ6G3aeNj1UWJSGV/2aFzw==
reason : RADIUS MS-CHAP2 access accepted
expire : 1584475314
user : removed
proplist : {'prop_deny': 'false', 'conn_group': 'Admins', 'prop_force_lzo': 'false', 'prop_autogenerate': 'true'}

I get:
You are not authorized to use the Admin UI
You do not have Administrative permission

I have a group called Admins on the access server, and this group has the Admin checkbox selected.

I have tried the python script in the article and your github version. Both seem to authenticate to Radius. Neither will allow an admin to logon.

Additionally, there are no persistent user records being created on the server. The admin/user_permissions page only shows the one default administrator user and none of the RADIUS authenticated users. This is on version 2.7.5 and 2.8.2. Is this related to your issue?

atec
OpenVpn Newbie
Posts: 1
Joined: Thu Mar 19, 2020 5:13 pm

Re: Using RADIUS with Group, Permissions and IP Assignment

Post by atec » Thu Mar 19, 2020 5:17 pm

Same issue here.

Post Reply