Setting up OpenVPN with LDAP
-
Hi,
I've set up an LDAP certificate authority on PfSense, and the diagnostic tool works with authenticating users on LDAP… Now I'm trying to configure an OpenVPN server to get the users to authenticate through the Samba4 LDAP server (followed this guide) https://doc.pfsense.org/index.php/OpenVPN_with_RADIUS_via_Active_Directory … I don't have a RADIUS server, however I don't think that's the issue. I need a 2-step verification for this, and I think that's what the local CA and the LDAP auth. are adequate for.

I'm having issues with the client export utility as I'm not sure what to specify there. When I export an inline config (which works with the PfSense admin-ca) and try to connect to the server, whatever I've typed in, it doesn't show any errors in the output (so I assume I haven't set up the config on the server or exported the client file properly), and it also doesn't connect to the defined LAN network in the server config.

What I've found about OpenVPN authenticating with a Samba4 LDAP server is this link https://www.howtoforge.com/set-up-openvpn-server-with-authentication-against-openldap-on-debian-6.0-squeeze… My PfSense ver. is 2.26, and if this can't be configured, I would have to add local users to the PfSense box, which also brings up the issue with char. restrictions.

Sorry if this is a double post, but I searched through this forum and haven't found a guide... ANY response would be helpful, as this is sort of urgent for me as I have some ISP migration problems. The Samba4 LDAP server is on CentOS, so any response regarding troubleshooting this would be helpful.
Regards PfSensey's

NOTE: FIXED - Needed to add rules to allow UDP to WAN interface