Page 1 of 1

How do I map RADIUS groups to soft ether groups?

Posted: Wed Oct 21, 2015 2:12 pm
by BarryCA
I have a couple of groups setup on our radius server. I want each group to be assigned to a different group in Soft Ether, each with different permissions.

Can someone please tell me how I would go about connecting a user (group) in the radius server to a group in soft ether? As I can see now, I can only enter one user, "*", and so I'm not sure how to add a second user (group) with different permissions.

thank you in advance. much appreciated

Re: How do I map RADIUS groups to soft ether groups?

Posted: Thu Oct 29, 2015 6:33 am
by thisjun
You have to create users at least for a group.

Re: How do I map RADIUS groups to soft ether groups?

Posted: Thu Oct 29, 2015 6:43 pm
by BarryCA
thank you for your reply. I created one group in soft ether and added a user * within it.

however if I add another group in soft ether and add a user * (so it can authenticate against the radius server), how do I configure soft ether/radius to only allow users in their assigned groups?

thank you

Re: How do I map RADIUS groups to soft ether groups?

Posted: Mon Nov 02, 2015 12:26 am
by PaulC
Hi,

This is my first post, but I hope it helps.

I couldn't actually get this to work how I would have liked.

In my case, the radius server is a Windows Domain Controller, but I figure it should be similar.

What I did was, create 3 windows Groups (Radius Groups). Each group represents (let's say) one group of users with specific permissions..perhaps a company. In SoftEther, I have 3 "HUBs (1 per company)". I couldn't get this to work by creating SoftEther groups in each HUB and "mapping" them. So I created all the users individually in each HUB and then made sure they were all Radius users.

This gives you the same result as mapping the groups would (I think). it certainly does what I want it to do, but it's just a bit more admin overhead creating each individual user in softether (well, at least a username and making sure they're Radius users).

Let me know if that helps.

EDIT: Sorry, I may have misunderstood. If you're using groups to give different perms in SoftEther itself using "Set this group's Security Policy", then my response is not suitable.

Re: How do I map RADIUS groups to soft ether groups?

Posted: Tue Nov 03, 2015 8:39 pm
by BarryCA
thanks. That would not work for me unfortunately. Having to add the users manually in softether sort of avoids the whole RADIUS thing. I am trying to use it for automated VPN provisioning. So ideally I have a 'group' assigned in the RADIUS server and then softether can know which security group to apply is ideal.

Seems the only way to do that would be to setup separate radius servers with separate databases...sort of a waste of resources though.

thank you much for your reply

Re: How do I map RADIUS groups to soft ether groups?

Posted: Wed Nov 18, 2015 11:56 pm
by PaulC
Hi,

I agree entirely. I would have like to have seen the same group-mapping too. Perhaps one day... :-)

Re: How do I map RADIUS groups to soft ether groups?

Posted: Sat Jan 19, 2019 11:52 am
by ashah7
anyone found a solution to yes ?
Really would be nice