On Wed, Nov 23, 2011 at 12:40 PM, Nate <openvpn@aivector.com> wrote:
"In any case, openvpn-related integration issues is better suited on
openvpn list/forum. This list is more suitable for problems related to freeradius (hint: if you haven't had the need to run FR in debug mode then most likely it's not FR problem)."
Funny thing, they just sent me here lol
Well, at this point looking from Tue Nov 22 14:26:21 2011 {MYRADIUS_IP}:61645 TLS Auth Error: Auth Username/Password verification failed for peer the best guess I can give you is incorrrect user/pass. Why? Well, to answer that we need to look at FR debug log. Which you didn't send. Without that, your guess is as good as mine.
"If you simply want to authenticate openvpn users using radius, no need
to involve pam at all. See http://www.nongnu.org/radiusplugin/"
Thanks, I've tried the radiusplugin. Maybe I'll install it again. I didn't have much luck with that either.
It works. I know, I tried it :)
I appreciate the help though. My guess is at this point we have a radius server problem, but our cisco devices don't have any problems connecting to it, which is why I came to this forum.
My guess is it's related to PAM. IIRC if the user doesn't exists in the system (i.e. /etc/passwd), pam will send garbage password to radius. Which is why I suggest using radiusplugin directly. And again, if you have FR-related problems, run it in debug mode and post the log here. -- Fajar