OpenVPN - SSL/TLS + user auth (LDAP)
-
Hello,
Why isn't it possible to have SSL/TLS + user authentication via LDAP?
greetings
beppo
-
It should be, if you set up your LDAP server under System > User Manager, on the Servers tab. Or use the wizard.
-
And LDAP for X-Auth? Planned for sometime?
-
> And LDAP for X-Auth? Planned for sometime?

For IPsec? If you want to know, open a new thread; that is not relevant to this thread.
-
Seems to work, I tried both:
1. server mode (user auth with ldap backend)
2. server mode (ssl/tls+user auth with local database)
The OpenVPN client logs seem to be equal. I was a bit confused at first because of the error message shown on the screenshot I attached.
remote_access_ssl_tls_user_auth_local_database.txt
remote_access_user_auth_ldap.txt
-
Ah, now I remember why this was. LDAP/RADIUS was meant to work with just "user auth" completely in the GUI, otherwise you have to make the certificates for the users by hand.
For SSL/TLS+User Auth, it does everything in the User Manager locally, but since the router doesn't have a database of users in LDAP/RADIUS, it doesn't (currently?) have a GUI for making arbitrary keys.
-
Ok, now I understand.