OpenVPN - Active Directory authentication
I want to use the user name and password from Active Directory when connecting to the VPN.
I know that OpenVPN can use a custom script; the problem is how to call a (PHP) script OUTSIDE pfSense? I want to build this authentication scheme:
User ---> OpenVPN GUI ---> user, password ---> pfSense ---> pfSense calls internal (LAN) server XXX php file for authentication ---> user is connected or refused.
It is possible to run the OpenVPN server directly on the internal server and just redirect the port, but I want to use pfSense as the OpenVPN server.
I have just implemented a solution where I connected the OpenVPN server to my Radius server (Internet Authentication Service - Microsoft).
I did this with the plugin openvpn-auth-pam. After a lot of problems it finally works ok. The plugin you may receive from the openvpn installation kit.
There is also a plugin named openvpn-auth-ldap on the net. Look in the forum; there are some pointers to it.