Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPsec + ldap xauth

    Scheduled Pinned Locked Moved 2.1 Snapshot Feedback and Problems - RETIRED
    4 Posts 3 Posters 2.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      nataans
      last edited by

      Hello all,

      I have been testing IPsec on the latest snapshot (built on Fri May 25 18:38:27 EDT 2012 ) and when I set user authentication source to 'LDAP', racoon service seems to fail to start. The logs show the following:

      racoon: ERROR: /var/etc/racoon.conf:25: "ldapcfg" racoon not configured with –with-libldap

      I have read some older posts regards ldap authentication and people seem to think that racoon has been compiled with ldap option. Can anyone share their thoughts who are experts in this area.

      Many thanks,

      Andris

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        There was never any proper backend code for IPsec to auth against Radius or LDAP.

        We are changing it before 2.1 ships, there's an open ticket yet. There will be a script (like how openvpn does it) so that racoon doesn't need direct knowledge of radius or ldap, it'll call our script and let our script decide if a user is OK or not.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • M
          mattderk
          last edited by

          I saw in the latest beta build of 2.1 (July 22nd 2012 I think) Xauth LDAP options for ipsec tunnels.  When set it seems to fail.  Should Xauth and LDAP in ipsec work ?

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            No, it doesn't work right now.

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.