Openvpn - ssl/tls + user auth (ldap)

beppo

Hello,

why it isn't possible to have ssl/tls + user authentification via ldap?

greetings

beppo

jimp

It should be, if you setup your LDAP server under System > User Manager, on the Servers tab. Or use the wizard.

eazydor

and LDAP for X-Auth? planned for somewhen?

jimp

@eazydor:

and LDAP for X-Auth? planned for somewhen?

For IPsec? If you want to know, open a new thread, that is not relevant to this thread.

beppo

Seems to work, i tried both:

1. server mode (user auth with ldap backend)

2. server mode (ssl/tls+user auth with local database)

the openvpn client logs seem to be equal. I was a bit confused first because of the error message shown on the screenshot I attatched.

remote_access_ssl_tls_user_auth_local_database.txt
remote_access_user_auth_ldap.txt

jimp

Ah, now I remember why this was. LDAP/RADIUS was meant to work with just "user auth" completely in the GUI, otherwise you have to make the certificates for the users by hand.

For SSL/TLS+User Auth, it does everything in the User Manager locally, but since the router doesn't have a database of users in LDAP/RADIUS, it doesn't (currently?) have a GUI for making arbitrary keys.

beppo

Ok, now I understand.