Netgate Discussion Forum
    Xauth Ldap

    IPsec
    8 Posts 4 Posters 4.8k Views
    • ninja76

      Let me re-phrase my previous question. Can I run pfSense with IPSec and have xauth use LDAP instead of system? Or is ldap, pam or radius support compiled into racoon?

      Thanks

      • jimp Rebel Alliance Developer Netgate

        Support is in the binaries but not in the GUI or the backend setup to handle the PAM bits. Probably not going to happen until 2.1, even if someone submits working code at this point.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        • ninja76

          Thanks for the info.
          Since it's already compiled with ldap support, patching was cake. It really just involved a slight GUI change and modding the vpn.inc to include an ldapcfg section in racoon.conf.
          I basically just added ldap as an option in the user_source and pulled host and basedn from my already configured ldap server in auth_servers. Works great! How can I submit a patch for users who do not want to wait for it to be in an official release?

          • jimp Rebel Alliance Developer Netgate

            Make a fork of the pfSense code repo here:
            https://github.com/bsdperimeter/pfsense

            Then commit your changes into your own clone of the pfSense code repo, and when that's done, submit a pull request so we can bring the changes back in.

            • trendchiller

              Do the changes you made include GUI changes or is it directly in the conf-file?

              • ninja76

                Just a single GUI change to allow you to pick ldap instead of just system from the xAuth source (only if you even have an ldap server set up for system auth). And when ldap is selected, vpn.inc writes out the ldapcfg block in racoon.conf using the ldap setting of the existing ldap server that was set up for system auth.

                • trendchiller

                  Do you mind sending it to me?
                  Use the board PM?

                  Thank you in advance…

                  • networkninja

                    Any chance we could get some status on this issue? This is a huge feature to have.

                    Thanks  :-*

                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.