Active Directory authenticated VPN

Pisch Tamás pischta at gmail.com
Tue May 11 14:05:02 CEST 2021


Hi,

Sorry, it's me again. As I mentioned, I set up SoftEther with RADIUS
authentication. It works strangely. I can connect from Windows10 with the
built-in client... *once*, and when I disconnect and try to connect again,
I get "The PPP link control protocol was terminated" error. the recommended
solution didn't work:
https://docs.microsoft.com/en-us/troubleshoot/windows-client/networking/cannot-establish-dial-up-connection
Ok, I then tried the SoftEther client. It works if I write
DEFAULT         Auth-Type := LDAP
in the users file. But when I try to connect with the built-in Windows
client with this setting, on the server side I see a big warning:
 ldap: WARNING: You have set "Auth-Type := LDAP" somewhere
(0) ldap: WARNING: *********************************************
(0) ldap: WARNING: * THAT CONFIGURATION IS WRONG.  DELETE IT.
(0) ldap: WARNING: * YOU ARE PREVENTING THE SERVER FROM WORKING
(0) ldap: WARNING: *********************************************
(0) ldap: ERROR: Attribute "User-Password" is required for authentication
Ok, I force the ldap auth, but without it, the authentication doesn't work.
As I understand, Freeradius goes through on all methods until it finds one
working. But without the mentioned default setting, it doesn't work. How
can I use the SoftEther client without it? I can connect with it at least.
According to the SoftEther documentation (
https://www.softether.org/4-docs/1-manual/2._SoftEther_VPN_Essential_Architecture/2.2_User_Authentication)
it uses PAP authentication, but I can establish the vpn only with forced
LDAP authentication. Why?

Thanks,

Tamás.


More information about the Freeradius-Users mailing list