Radius and assign groups?

[JanJoh74]

Ok, I got (Free)RADIUS working for auth of users... But, how can I assign a OpenVPN-AS group to the logged on user?

I have set up two different groups with access to different networks/hosts/services with Use Access Controls -> Access to.

[nsumner]

You probably figured it out already but I faced the same problem and the solution is really very simple.

Let us say you have a user with username "user1". You create a user called user1 and assign them to the appropriate group. They will authenticate via RADIUS if that is what you have set but the AS sees that they are "user1" and gives them appropriate permissions.

I would rather get the membership info from RADIUS (which means I could keep everything in "1 place" (Active Directory) which is possible (from NPS at least) but all in all it doesn't make that big a difference, since I don't have thousands of users.

[JanJoh74]

You probably figured it out already but I faced the same problem and the solution is really very simple.

Let us say you have a user with username "user1". You create a user called user1 and assign them to the appropriate group. They will authenticate via RADIUS if that is what you have set but the AS sees that they are "user1" and gives them appropriate permissions.

I would rather get the membership info from RADIUS (which means I could keep everything in "1 place" (Active Directory) which is possible (from NPS at least) but all in all it doesn't make that big a difference, since I don't have thousands of users.

That did not work for me. The per-group-settings (which subnets are announced and such) did not work when I did just that.

[hakd]

First hi all.

I need some information about OpenVPN and Ms NAP protocol support.
How its working?
Making connection via openvpn and after my nap client remoted by Network policy server ? or openvpn has a nap support and nps server controlling vpn client while connection started!
I really need help about how its works.
Thanks your advice.

Hakan.