Freeradius and Netscreen VPN Authentication

freeradius freeradius at gardrail.com
Fri Nov 25 14:27:09 CET 2005


Greetings,

I've been attempting to get freeradius-1.0.2-2 on Fedora core 4 to send the correct
authentication information to my Netscreen VPN device.  my test user information within
the /etc/raddb/users file consists of:

freeradius       Auth-Type := Accept, Password=abcd1234, Ns-User-Group == Some_Secure_grp


---------

When I remove the user-group "Some_Secure_grp" from the following Netscreen
configuration line, I'm able to connect if I remove "Ns-User-Group == Some_Secure_grp"
from the configuration line from raddb's users file.

set ike gateway "GATEWAY-SOME_SECURE_GRP" xauth server "FreeRadius" user-group
"Some_Secure_grp"

---------

If I attempt to utilize group authentication, I recieve the following information in my
event log on the Netscreen device:

2005-11-23 14:31:56 system notif 00767 User freeradius belongs to a different
                                      group in the RADIUS server than one
                                      allowed in the device

---------

If anyone has any ideas, I’d greatly appreciate it.  Juniper doesn't really have many
people on their staff that has in depth experience with freeradius. 



More information about the Freeradius-Users mailing list