9 Jul
2019
9 Jul
'19
9:01 a.m.
Hi, I'm very new to FreeRADIUS and I'm quite confused about the configuration. We have a Cisco for VPN and we have FreeIPA for the user administration. What I want is to only allow users in a FreeIPA group to connect to the VPN. Notice that, as far as FreeRADIUS is concerned FreeIPA is just an LDAP server. So far I am able to connect the radius server to our FreeIPA server. Using the radtest command I can see that authentication works. (I'm not sure about authorization, though.) The Cisco is configured and FreeIPA users can connect to the VPN. However, I haven't figured out how to restrict VPN to only users from a specific group. Which configuration file do I need to adapt? Where should I be looking? -- Kees