|
|
Hi all, just thought I'll post a message with my success story on getting radius authentication working. Hopefully it will help someone trying to do the same. server os is Redhat 8 client os XP sp1 radius server is Windows 2003 Enterprise server. 1. add plugin line in openvpn_server.conf or whatever you called it. plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so openvpn 2. if not installed, download and compile the pam_radius_auth pam module ftp://ftp.freeradius.org/pub/radius/pam_radius-1.3.16.tar 3. copy pam_radius_auth.so to /lib/security/ 4. create /etc/raddb/server file and add radius server details like this: 192.168.2.1 mysecret123456 5. create pam file /etc/pam.d/openvpn with the following contents #%PAM-1.0 auth sufficient pam_radius_auth.so debug account sufficient pam_permit.so session sufficient pam_permit.so 6. Install the "Internet Authentication Server" (IAS) on Windows server. 7. Add radius client with matching secret as above, radius client vendor:standard 8. Make sure user is allowed to dial-in. 9. In the Openvpn client config add the following line to enable authentication. auth-user-pass 10. Done. Hope this helps. Greg ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-12/msg00323.html on line 218 Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-12/msg00323.html on line 218 |