Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN, RADIUS & Client-Specific Overrides

    OpenVPN
    1
    1
    761
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • O
      Optimaximal
      last edited by

      We run OpenVPN in Remote Access (SSL/TLS + User Auth) mode, using RADIUS on a Server 2012 DC for the authentication.

      Before enabling RADIUS, pfSense would use the users certificate CN to trigger a client-specific override. Since enabling RADIUS, it seems pf is taking the domain username as the Common Name for the connection and not applying the CSO.

      Is there an option to tell pf to either retain and use the certificate CN as the auth or will it always use the RADIUS result because it is the second factor?

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.