I have spent way too many hours scouring the net for info and need a little
direction here ...
I'm trying to set up security for my OpenVPN connections. I would like to use
Radius or LDAP but need to have user-level policies.
The stock solution for this problem appears to be Client Specific Overrides
(CSO) but they have a couple drawbacks that I can see, including:
* Data replication ... prefer centralized authentication
* Apparently confines each user to a single active connection
* Unless I am missing something here (I hope)
* ?? Unable to assign a DHCP range assigned to the CSO ??
* New connection uses same IP as established connection ... effectively
shuts down established connection
* *** I hope that this problem is a mis-config on my part ***
* I read that v2.1 (at least) supports avpairs with Radius (I believe) but
am unable to find specific information on how to use it.
* Would this feature allow me to accomplish my goal?
* are ACL's handled appropriately?
Where can I find more information?
Paul
_______________________________________________
List mailing list
[email protected]
https://lists.pfsense.org/mailman/listinfo/list
