Radius Authentication with different Groups
Posted: Wed May 12, 2021 12:50 pm
Hello,
we are trying to setup our SoftEther with a virtual hub which asks our Radius-Server. The authentication is working, as we can connect with the users from our domain.
For that, i made an User "*" with the Authentification Method RADIUS.
Our Radius-server is FreeRADIUS.
What exactly do we want:
1. A virtual hub that accepts the user's request and forwards it to FreeRadius
-> Already works
2. FreeRADIUS sees which user logs in and informs SoftEther which VLAN the user belongs to
-> Each group has different servers and networks to which access should be granted
A user is currently connecting to the VPN hub and is pushed into the first network connected to the hub. A second VLAN on the VPN hub does not help.
The networks or VLANs are linked to the hub as a local bridge.
How can we get SoftEther to use the VLAN that is coming from the FreeRadius-Authentication?
Or is there another way to configure that?
If needed, the server configuration is added down below (Changed the passwords etc)
Regards,
Dankau
we are trying to setup our SoftEther with a virtual hub which asks our Radius-Server. The authentication is working, as we can connect with the users from our domain.
For that, i made an User "*" with the Authentification Method RADIUS.
Our Radius-server is FreeRADIUS.
What exactly do we want:
1. A virtual hub that accepts the user's request and forwards it to FreeRadius
-> Already works
2. FreeRADIUS sees which user logs in and informs SoftEther which VLAN the user belongs to
-> Each group has different servers and networks to which access should be granted
A user is currently connecting to the VPN hub and is pushed into the first network connected to the hub. A second VLAN on the VPN hub does not help.
The networks or VLANs are linked to the hub as a local bridge.
How can we get SoftEther to use the VLAN that is coming from the FreeRadius-Authentication?
Or is there another way to configure that?
If needed, the server configuration is added down below (Changed the passwords etc)
Regards,
Dankau