OpenConnect server and Radius
Nikos Mavrogiannopoulos
n.mavrogiannopoulos at gmail.com
Fri Apr 22 04:26:20 PDT 2016
On Fri, Apr 22, 2016 at 9:08 AM, Anton Shilov <ashilov at arqatech.com> wrote:
> Hi!
> I use RADIUS-server windows 2008 for users' authorization and OpenConnect
> Server working at CENTOS 7. Login goes well and I get connected VPN, but I
> cannot understand how to use RADIUS attribute Group-Name in order to link
> group parameters from "config-per-group". I don't find Group-Name attribute
> at windows RADIUS-server. For example, CISCO ASA uses Filter-Id
> standart-attribute for same cases. I think openconnect doesn't support this
> attribute. Am I right?. Do you have any plans to add that opportunity in
> future?
You cannot. This support is being rewritten in the master branch.
There you can use the Class attribute to provide groups in the format
"OU=group1;group2". Would that cover your use case?
regards,
Nikos
More information about the openconnect-devel
mailing list