Ocserv reading group config from radius
Mac Liang
liang1985 at gmail.com
Wed Feb 4 05:45:30 PST 2015
Thanks Nikos, I figured out the single group attribute. Maybe I will
fall back to use plain. Thanks a lot for the hints
On Wed, Feb 4, 2015 at 9:40 PM, Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote:
> On Mon, 2015-02-02 at 14:52 +0800, Mac Liang wrote:
>> Hi there,
>> I tried to set up an openconnect server with freeradius. Everything
>> goes well except the groupconfig. I'm not sure how ocserv is reading
>> group configuration from freeradius.
>
> It reads the attributes for user and group configuration. The supported
> attributes are listed in doc/README.radius.
>
>> i set-up a profile named global,
>> and asked freeradius to send a reply with Group-Name as global. After
>> that, i created an account named as global_test and associated it with
>> global. Also. i used select-group = global[Tunnel All Network Traffic]
>> ti let the user select their network. However, when connecting to
>> ocserv, i kept receiving this error message:
>
> You cannot use multiple group selection with radius groupconfig. Radius
> doesn't provide a method to switch groups.
>
> regards,
> Nikos
>
>
--
Best,
Mac
More information about the openconnect-devel
mailing list