    Netgate Discussion Forum

    Openvpn - ssl/tls + user auth (ldap)

    2.0-RC Snapshot Feedback and Problems - RETIRED
    • B
      beppo last edited by

      Hello,

      Why isn't it possible to have SSL/TLS + user authentication via LDAP?

      greetings

      beppo

      • jimp
        jimp Rebel Alliance Developer Netgate last edited by

        It should be, if you set up your LDAP server under System > User Manager, on the Servers tab. Or use the wizard.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        • E
          eazydor last edited by

          and LDAP for X-Auth? planned for somewhen?

          • jimp
            jimp Rebel Alliance Developer Netgate last edited by

            @eazydor:

            and LDAP for X-Auth? planned for somewhen?

            For IPsec? If you want to know, open a new thread; that is not relevant to this thread.

            • B
              beppo last edited by

              Seems to work, I tried both:

              1. server mode (user auth with LDAP backend)

              2. server mode (SSL/TLS + user auth with local database)

              The OpenVPN client logs seem to be equal. I was a bit confused at first because of the error message shown in the screenshot I attached.



              remote_access_ssl_tls_user_auth_local_database.txt
              remote_access_user_auth_ldap.txt

              • jimp
                jimp Rebel Alliance Developer Netgate last edited by

                Ah, now I remember why this was. LDAP/RADIUS was meant to work with just "user auth" completely in the GUI, otherwise you have to make the certificates for the users by hand.

                For SSL/TLS+User Auth, it does everything in the User Manager locally, but since the router doesn't have a database of users in LDAP/RADIUS, it doesn't (currently?) have a GUI for making arbitrary keys.

                • B
                  beppo last edited by

                  Ok, now I understand.
