Hi, your concept seems correct. Set up the authentication in steps:
1) Define user credentials locally on the Freeradius server and set up an EAP-RADIUS connection from the strongSwan VPN gateway to the FreeRadius server along the following example scenario: https://www.strongswan.org/testing/testresults/swanctl/rw-eap-ttls-radius/ 2) Connect the Microsoft AD with FreeRadius so that the User Credentials can reside on the AD. Regards Andreas On 14.08.19 03:27, Bidhan Khatri wrote: > 've been searching for the solution but couldn't find it so I'm writing > to you. I hope I will get an answer. I've configured Strongswan and for > authentication, I'm planning to use Microsoft AD. I've configured radius > client on AD and set up samba on my centos 7 Strongswan server but still > couldn't authenticate the users. I'm stuck somewhere or missing something. > > My setup is: > client -> Strongswan(centos 7) -> radius(free radius,centos 7) -> > AD(Microsoft) > > Can you provide some guidance regarding this? I've to complete this > project this month. > > Thank you -- ====================================================================== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===========================================================[INS-HSR]==
smime.p7s
Description: S/MIME Cryptographic Signature