How do I map RADIUS groups to soft ether groups?

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
BarryCA
Posts: 3
Joined: Wed Oct 21, 2015 2:02 pm

How do I map RADIUS groups to soft ether groups?

Post by BarryCA » Wed Oct 21, 2015 2:12 pm

I have a couple of groups setup on our radius server. I want each group to be assigned to a different group in Soft Ether, each with different permissions.

Can someone please tell me how I would go about connecting a user (group) in the radius server to a group in soft ether? As I can see now, I can only enter one user, "*", and so I'm not sure how to add a second user (group) with different permissions.

thank you in advance. much appreciated

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: How do I map RADIUS groups to soft ether groups?

Post by thisjun » Thu Oct 29, 2015 6:33 am

You have to create users at least for a group.

BarryCA
Posts: 3
Joined: Wed Oct 21, 2015 2:02 pm

Re: How do I map RADIUS groups to soft ether groups?

Post by BarryCA » Thu Oct 29, 2015 6:43 pm

thank you for your reply. I created one group in soft ether and added a user * within it.

however if I add another group in soft ether and add a user * (so it can authenticate against the radius server), how do I configure soft ether/radius to only allow users in their assigned groups?

thank you

PaulC
Posts: 26
Joined: Mon Nov 02, 2015 12:18 am

Re: How do I map RADIUS groups to soft ether groups?

Post by PaulC » Mon Nov 02, 2015 12:26 am

Hi,

This is my first post, but I hope it helps.

I couldn't actually get this to work how I would have liked.

In my case, the radius server is a Windows Domain Controller, but I figure it should be similar.

What I did was, create 3 windows Groups (Radius Groups). Each group represents (let's say) one group of users with specific permissions..perhaps a company. In SoftEther, I have 3 "HUBs (1 per company)". I couldn't get this to work by creating SoftEther groups in each HUB and "mapping" them. So I created all the users individually in each HUB and then made sure they were all Radius users.

This gives you the same result as mapping the groups would (I think). it certainly does what I want it to do, but it's just a bit more admin overhead creating each individual user in softether (well, at least a username and making sure they're Radius users).

Let me know if that helps.

EDIT: Sorry, I may have misunderstood. If you're using groups to give different perms in SoftEther itself using "Set this group's Security Policy", then my response is not suitable.

BarryCA
Posts: 3
Joined: Wed Oct 21, 2015 2:02 pm

Re: How do I map RADIUS groups to soft ether groups?

Post by BarryCA » Tue Nov 03, 2015 8:39 pm

thanks. That would not work for me unfortunately. Having to add the users manually in softether sort of avoids the whole RADIUS thing. I am trying to use it for automated VPN provisioning. So ideally I have a 'group' assigned in the RADIUS server and then softether can know which security group to apply is ideal.

Seems the only way to do that would be to setup separate radius servers with separate databases...sort of a waste of resources though.

thank you much for your reply

PaulC
Posts: 26
Joined: Mon Nov 02, 2015 12:18 am

Re: How do I map RADIUS groups to soft ether groups?

Post by PaulC » Wed Nov 18, 2015 11:56 pm

Hi,

I agree entirely. I would have like to have seen the same group-mapping too. Perhaps one day... :-)

ashah7
Posts: 7
Joined: Sat Jan 05, 2019 12:11 pm

Re: How do I map RADIUS groups to soft ether groups?

Post by ashah7 » Sat Jan 19, 2019 11:52 am

anyone found a solution to yes ?
Really would be nice

Post Reply