opn-repo icon indicating copy to clipboard operation
opn-repo copied to clipboard

Published 20 hours ago verified publisher icon mimugmail

OCSERV with RADIUS support

Open elfrom opened this issue 3 years ago • 5 comments

Hi, would it be possible to build the ocserv plugin with raduis support? I usually build and install it myself, but it would be a heck of a lot easier fo me to just install it from your repository :)

Best regards elfrom

elfrom avatar Sep 20 '22 13:09 elfrom

Do you know the parameter?

mimugmail avatar Sep 20 '22 13:09 mimugmail

All I do is install radcli before building ocserv, thats all there is to it. I dont know how this plugin thing works, but I guess that for it to make any sense, radcli will have to be distributed with the plugin aswell?

elfrom avatar Sep 20 '22 14:09 elfrom

As @elfrom mentioned, RADIUS support for OCserv will be a nice addition to this package. I see the radcli package is available in the FreeBSD ports https://www.freshports.org/net/radcli Here it is a basic tutorial to setup OCserv to use RADIUS for authenticating users https://ocserv.gitlab.io/www/recipes-ocserv-authentication-radius-radcli.html instead of manually creating local user accounts. This is the output for an OCserv package which has RADIUS support enabled.

$ ocserv -v
ocserv 1.1.6

Compiled with: tcp-wrappers, oath, radius, gssapi, PAM, PKCS#11, AnyConnect
GnuTLS version: 3.7.8

===> The following configuration options are available for ocserv-1.1.6:
     DOCS=on: Build and/or install documentation
     EXAMPLES=on: Build and/or install examples
     GSSAPI=off: GSSAPI Security API support
     MAXMIND=off: Use Maxmind GeoIP library
     RADIUS=off: RADIUS protocol support
===> Use 'make config' to modify these settings

Thank you

cristian-ciobanu avatar Oct 31 '22 22:10 cristian-ciobanu

Are there any plans to OCserv with build RADIUS support ?

cristian-ciobanu avatar May 19 '23 16:05 cristian-ciobanu

All I do is install radcli before building ocserv, thats all there is to it. I dont know how this plugin thing works, but I guess that for it to make any sense, radcli will have to be distributed with the plugin aswell?

I usually build and install it on OpenWRT (link https://blog.tianjinkun.com/post/98.html ), but i'm new user in OPNsense or FreeBSD, I try to download the source code and compile it, but failed(many warning like{ warning: unknown warning option '-Wno-stringop-truncation'; did you mean '-Wno-string-concatenation'? [-Wunknown-warning-option] } and {error: no member named 's6_addr32' in 'struct in6_addr' } ), can you introduce how to compile in FreeBSD? Thanks :)

JinkunTian avatar Nov 09 '23 09:11 JinkunTian