Re: [strongSwan] Regarding Strongswan and AD
Thank you for your response. I successfully configured user authentication with AD. On Thu, Aug 15, 2019 at 12:13 PM Andreas Steffen < andreas.stef...@strongswan.org> wrote: > Hi, > > your concept seems correct. Set up the authentication in steps: > > 1) Define user credentials locally on the Freeradius server >and set up an EAP-RADIUS connection from the strongSwan VPN gateway >to the FreeRadius server along the following example scenario: > > > https://www.strongswan.org/testing/testresults/swanctl/rw-eap-ttls-radius/ > > 2) Connect the Microsoft AD with FreeRadius so that the User Credentials >can reside on the AD. > > Regards > > Andreas > > On 14.08.19 03:27, Bidhan Khatri wrote: > > 've been searching for the solution but couldn't find it so I'm writing > > to you. I hope I will get an answer. I've configured Strongswan and for > > authentication, I'm planning to use Microsoft AD. I've configured radius > > client on AD and set up samba on my centos 7 Strongswan server but still > > couldn't authenticate the users. I'm stuck somewhere or missing > something. > > > > My setup is: > > client -> Strongswan(centos 7) -> radius(free radius,centos 7) -> > > AD(Microsoft) > > > > Can you provide some guidance regarding this? I've to complete this > > project this month. > > > > Thank you > > -- > == > Andreas Steffen andreas.stef...@strongswan.org > strongSwan - the Open Source VPN Solution! www.strongswan.org > Institute for Networked Solutions > HSR University of Applied Sciences Rapperswil > CH-8640 Rapperswil (Switzerland) > ===[INS-HSR]== > >
Re: [strongSwan] Regarding Strongswan and AD
Hi, your concept seems correct. Set up the authentication in steps: 1) Define user credentials locally on the Freeradius server and set up an EAP-RADIUS connection from the strongSwan VPN gateway to the FreeRadius server along the following example scenario: https://www.strongswan.org/testing/testresults/swanctl/rw-eap-ttls-radius/ 2) Connect the Microsoft AD with FreeRadius so that the User Credentials can reside on the AD. Regards Andreas On 14.08.19 03:27, Bidhan Khatri wrote: > 've been searching for the solution but couldn't find it so I'm writing > to you. I hope I will get an answer. I've configured Strongswan and for > authentication, I'm planning to use Microsoft AD. I've configured radius > client on AD and set up samba on my centos 7 Strongswan server but still > couldn't authenticate the users. I'm stuck somewhere or missing something. > > My setup is: > client -> Strongswan(centos 7) -> radius(free radius,centos 7) -> > AD(Microsoft) > > Can you provide some guidance regarding this? I've to complete this > project this month. > > Thank you -- == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===[INS-HSR]== smime.p7s Description: S/MIME Cryptographic Signature
[strongSwan] Regarding Strongswan and AD
've been searching for the solution but couldn't find it so I'm writing to you. I hope I will get an answer. I've configured Strongswan and for authentication, I'm planning to use Microsoft AD. I've configured radius client on AD and set up samba on my centos 7 Strongswan server but still couldn't authenticate the users. I'm stuck somewhere or missing something. My setup is: client -> Strongswan(centos 7) -> radius(free radius,centos 7) -> AD(Microsoft) Can you provide some guidance regarding this? I've to complete this project this month. Thank you