On 1.9.2020. 15:22, Stuart Henderson wrote: > On 2020-09-01, Hrvoje Popovski <[email protected]> wrote: >> Hi all, >> >> does anyone use an openconnect server on openbsd and have guidelines on >> how to configure it? i see that an openconnect server can use radius, so >> it's interesting to me. Which client do you use to connect to the >> openconnect server? > > It worked when I tested after porting ocserv/openconnect, but I'm not using > it in production. You should be able to connect to ocserv using either the > openconnect client or cisco anyconnect client. > >> If there is something else that can use radius, i would like to know? > > at least these: > > - npppd (yeuch l2tp :) > > - openvpn (there's a username/pw auth method using a helper script, > you can write something calling a radius client to check auth, also > yeuch openvpn :) > > I did once see some code including radius support for iked but it > was tied up with a bunch of other changes and looked a bit complex > to separate. I don't recall whether it was just username/pw or if > it did full EAP. > >
Tnx for information. It would be great to have radius support for iked so students could use eduroam username/pass for vpn ...
