openLDAP, freeRadius and firewall integration

M. selcuk karaca selcuk.karaca at
Wed May 31 12:56:50 CEST 2017


I have an architectural question and I hope I will not destroy list rules

We have an openLDAP server. And we want to integrate  LDAP users to our 
firewall. Our ultimate aim for integration is to apply FW policies 
according to users. curently we are applying policies according to IP 

Because openLDAP server does not provide us with accounting information 
sent to the FW, we have employed a freeRadius server.

But we could not trigger freeRadius accounting packages by 
authenticating our users with openLDAP server. SO we have used 
libpam-radius-auth package and directly authenticated users from freeRadius.

I want to ask whether this way is a logical one. does this have any 
negative effects, not recommended etc..

what should be the correct architecture for authenticating our users 
from openLDAP and provide Firewall integration for user based policies..?

Thanks for your guidance..

More information about the Freeradius-Users mailing list