[Openvpn-users] OpenVPN with FreeRadius authentication not working


  • Subject: [Openvpn-users] OpenVPN with FreeRadius authentication not working
  • From: "Vahur Saaremets" <vahur.saaremets@xxxxxxxxx>
  • Date: Wed, 18 Jul 2007 17:27:30 +0300

Hi!

I've got an OpenVPN server set up on Debian sarge 3.1r4 and a client on WinXP SP2.
The FreeRadius server is set up on the same machine as the VPN server.

Although the connection between the client and server works just fine,
I just can't get the OpenVPN to communicate with the radius server.
I mean, authentication is working, but nothing shows up in the freeradius log
and it makes no difference if I stop the radius server completely.

What I myself find strange is the line in OpenVPN server log saying:

AUTH-PAM: BACKGROUND: INIT service='/etc/pam.d/openvpn'
Wed Jul 18 16:46:44 2007 us=925218 PLUGIN_INIT: POST /etc/openvpn/openvpn-auth-pam.so '/etc/pam.d/openvpn' intercepted=PLUGIN_AUTH_USER_PASS_VERIFY


I know I'm overlooking something obvious,
but I'd be really grateful if someone were to point me in the right direction.

All the best,
wahur

My log files:
server.log - http://www.physic.ut.ee/~wahur/server.log
client.log - http://www.physic.ut.ee/~wahur/client.log

My configuration is as follows:

# /etc/openvpn/server.conf
local 192.168.1.108
port 1194
proto udp
dev tun
plugin /etc/openvpn/openvpn-auth-pam.so /etc/pam.d/openvpn
ca keys/ca.crt
cert keys/server.crt
key keys/server.key
dh keys/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
client-to-client
keepalive 10 120
comp-lzo
max-clients 15
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
log openvpn.log
verb 9
mute 20
-----------------------------------------------------
# /etc/pam.d/openvpn
#%PAM-1.0
auth            required        /lib/security/pam_radius_auth.so
-----------------------------------------------------
# /etc/raddb/server
127.0.0.1:1812  password
-----------------------------------------------------
#client.ovpn
client
dev tun
dev-node "OpenVPN"
proto udp
remote 192.168.1.108 1194
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
ca "..\\keys\\ca.crt"
cert "..\\keys\\client.crt"
key "..\\keys\\client.key"
ns-cert-type server
comp-lzo
verb 9
log "..\\log\\openvpn.log"
auth-user-pass
mute 20