Hello,
we are trying to setup our SoftEther with a virtual hub which asks our Radius-Server. The authentication is working, as we can connect with the users from our domain.
For that, i made an User "*" with the Authentification Method RADIUS.
Our Radius-server is FreeRADIUS.
What exactly do we want:
1. A virtual hub that accepts the user's request and forwards it to FreeRadius
-> Already works
2. FreeRADIUS sees which user logs in and informs SoftEther which VLAN the user belongs to
-> Each group has different servers and networks to which access should be granted
A user is currently connecting to the VPN hub and is pushed into the first network connected to the hub. A second VLAN on the VPN hub does not help.
The networks or VLANs are linked to the hub as a local bridge.
How can we get SoftEther to use the VLAN that is coming from the FreeRadius-Authentication?
Or is there another way to configure that?
If needed, the server configuration is added down below (Changed the passwords etc)
Regards,
Dankau
Radius Authentication with different Groups
-
- Posts: 7
- Joined: Tue Mar 10, 2020 8:25 am
Radius Authentication with different Groups
You do not have the required permissions to view the files attached to this post.
-
- Posts: 7
- Joined: Tue Mar 10, 2020 8:25 am
Re: Radius Authentication with different Groups
Hello,
after a lot of testing i have it running like i wanted. In The Virtual Hub Extended Options there was one Option called "AssignVLanIdByRadiusAttribute" which needed the Value 1. For safety purposes i also changed the value for the option "DenyAllRadiusLoginWithNoVLanAssign" to 1.
After changing that Value we can now connect via an external RADIUS server and assign different VLANs to different User groups.
Regards
Dankau
after a lot of testing i have it running like i wanted. In The Virtual Hub Extended Options there was one Option called "AssignVLanIdByRadiusAttribute" which needed the Value 1. For safety purposes i also changed the value for the option "DenyAllRadiusLoginWithNoVLanAssign" to 1.
After changing that Value we can now connect via an external RADIUS server and assign different VLANs to different User groups.
Regards
Dankau