Ok, I got (Free)RADIUS working for auth of users... But, how can I assign a OpenVPN-AS group to the logged on user?
I have set up two different groups with access to different networks/hosts/services with Use Access Controls -> Access to.
Radius and assign groups?
-
- OpenVpn Newbie
- Posts: 2
- Joined: Tue Apr 03, 2012 12:08 pm
Re: Radius and assign groups?
You probably figured it out already but I faced the same problem and the solution is really very simple.
Let us say you have a user with username "user1". You create a user called user1 and assign them to the appropriate group. They will authenticate via RADIUS if that is what you have set but the AS sees that they are "user1" and gives them appropriate permissions.
I would rather get the membership info from RADIUS (which means I could keep everything in "1 place" (Active Directory) which is possible (from NPS at least) but all in all it doesn't make that big a difference, since I don't have thousands of users.
Let us say you have a user with username "user1". You create a user called user1 and assign them to the appropriate group. They will authenticate via RADIUS if that is what you have set but the AS sees that they are "user1" and gives them appropriate permissions.
I would rather get the membership info from RADIUS (which means I could keep everything in "1 place" (Active Directory) which is possible (from NPS at least) but all in all it doesn't make that big a difference, since I don't have thousands of users.
-
- OpenVpn Newbie
- Posts: 9
- Joined: Thu Mar 15, 2012 12:50 am
Re: Radius and assign groups?
That did not work for me. The per-group-settings (which subnets are announced and such) did not work when I did just that.nsumner wrote:You probably figured it out already but I faced the same problem and the solution is really very simple.
Let us say you have a user with username "user1". You create a user called user1 and assign them to the appropriate group. They will authenticate via RADIUS if that is what you have set but the AS sees that they are "user1" and gives them appropriate permissions.
I would rather get the membership info from RADIUS (which means I could keep everything in "1 place" (Active Directory) which is possible (from NPS at least) but all in all it doesn't make that big a difference, since I don't have thousands of users.
-
- OpenVpn Newbie
- Posts: 1
- Joined: Wed Jun 06, 2012 7:47 am
Re: Radius and assign groups?
First hi all.
I need some information about OpenVPN and Ms NAP protocol support.
How its working?
Making connection via openvpn and after my nap client remoted by Network policy server ? or openvpn has a nap support and nps server controlling vpn client while connection started!
I really need help about how its works.
Thanks your advice.
Hakan.
I need some information about OpenVPN and Ms NAP protocol support.
How its working?
Making connection via openvpn and after my nap client remoted by Network policy server ? or openvpn has a nap support and nps server controlling vpn client while connection started!
I really need help about how its works.
Thanks your advice.
Hakan.