Openvpn server and Freeradius client
hal
hl700 at cc.usu.edu
Fri Jun 16 16:23:32 CEST 2006
On Jun 16, 2006, at 1:39 AM, A.L.M.Buxey at lboro.ac.uk wrote:
> Hi,
>
>> The above ONLY works when the username supplied by the Openvpn
>> client is found in the passwd file on the Openvpn server. Yes
>> it does use the radius server to authenticate.
>>
>> As you can imagine this is not the behavior I want.
>
> seems fine to me - but as you don't say what bahaviour you
> do want...
Sorry, it was clear to me. :^}
What I want is for the vpn server to act like an appliance.
None of the people using the vpn server will ever be permitted
log ON to the server. Thus having user accounts on the server
would be a bad thing, both from a security and administrative
point of view.
>
>> Is it redhat, Openvpn, Freeradius or a combination of the three?
>
> I assume you are trying to use the PAM functionality of OpenVPN
> server...and using the RADIUS PAM plugin. if ONLY accounts
> that are in /etc/passwd etc are working, then it is a PAM
> configuration issue. I'd check through the login/account
> parts of the PAM subsystem (oh and the PAM logs) to see what
> REQUIRES flags etc are being used.
Exactly. Logs?! Oh.
hal
More information about the Freeradius-Users
mailing list