[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

[Openvpn-users] Authentication Support of Freeradius for OpenVPN "Not Work "????

  • Subject: [Openvpn-users] Authentication Support of Freeradius for OpenVPN "Not Work "????
  • From: Jedliu <jedliu@xxxxxxxxx>
  • Date: Sat, 4 Mar 2006 13:52:07 +0800

Hello,
Everyone.

I wanna support Openvpn with the authentication support of Freeradius,but it not work.
Hope someone can give some hints.
The detail as follows:
+++++++++File++++++++++++Location+++++++++++
openvpn-auth-pam.so          /etc/openvpn/openvpn-auth-pam.so
pam_radius_auth.so          /lib/security/pam_radius_auth.so
pam_radius_auth.conf        /etc/raddb/server/pam_radius_auth.conf
radiusd                     /etc/pam.d/radiusd
server.conf                 /etc/openvpn/server.conf

++++++File+++++
radiusd
+++++Content+++
   #%PAM-1.0
   auth            sufficient      pam_radius_auth.so      debug
   account         sufficient      pam_permit.so
   session         sufficient      pam_permit.so

Got infor from:
http://openvpn.net/archive/openvpn-users/2005-12/msg00323.html

++++++File+++++
pam_radius_auth.conf
+++++Content+++
# server[:port] shared_secret      timeout (s)
127.0.0.1        jedliu             1
*.*.*.*          jedliu             1
#other-server    other-secret       3

++++++File+++++
server.conf
+++++Content+++
;plugin /etc/openvpn/openvpn-auth-pam.so /etc/pam.d/login
plugin /etc/openvpn/openvpn-auth-pam.so /etc/pam.d/radiusd

Problem:
1-Start the radiusd server in debug mode:
$radiusd -X
2-Test whether the radiusd server working:
$radtest jedliu jedliu 0 jedliu
3-Get the acceptance signal && See signal from the Debugging "radiusd -X" window

4-Start Openvpn server:
$openvpn --config /etc/openvpn/server.conf
5a)-If use "plugin /etc/openvpn/openvpn-auth-pam.so /etc/pam.d/login" in /etc/pam.d/radiusd file:
Result:Client get the Virtual Ip and all are normal

5b)-If use "plugin /etc/openvpn/openvpn-auth-pam.so /etc/pam.d/radiusd" in /etc/pam.d/radiusd file:
Result:Client can't get thro with the returning of authentication failed;

*************************And The Most Problem Is That:
I can't see any signal from the Debugging "radiusd -X" Window*****************************

Then i use command "netstat -l" but I can't find the listening port of 1812.

So anyone can tell me the problems?
where is the log file of the module"pam_radius_auth.so"?
And how to deal with?
Thx :)

Jed
03-04                                                                                                                            

Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-03/msg00039.html on line 187

Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-03/msg00039.html on line 187