How to restrict authorization to members of FreeIPA group
keesb at ghs.com
Tue Jul 9 15:01:34 CEST 2019
I'm very new to FreeRADIUS and I'm quite confused about the configuration.
We have a Cisco for VPN and we have FreeIPA for the user administration.
What I want is to only allow users in a FreeIPA group to connect to the VPN.
Notice that, as far as FreeRADIUS is concerned FreeIPA is just an LDAP
So far I am able to connect the radius server to our FreeIPA server. Using
the radtest command I can see that authentication works. (I'm not sure
about authorization, though.)
The Cisco is configured and FreeIPA users can connect to the VPN. However, I
haven't figured out how to restrict VPN to only users from a specific group.
Which configuration file do I need to adapt? Where should I be looking?
More information about the Freeradius-Users