Bug #6609
closed
OpenVPN Radius auth doesn't send NAS attributes and is not consistent with how strongSwan does it
0%
Description
OpenVPN Radius auth doesn't send NAS Port-Type (which should be "Virtual") and NAS Port (which preferably should be the port the client connected on). The NAS Identifier attribute should be "openVPN" and not the pfSense hostname (to be consistent with strongSwan).
This should simplify Radius authentication and allow for fine grained control over who can authenticate on each openVPN server instance.
Updated by Chris Buechler over 8 years ago
- Status changed from New to Confirmed
- Affected Version changed from 2.3.1 to All
Updated by Kacper Boström over 8 years ago
I've submitted a github pull request (#3057) fixing this issue.
Updated by Chris Buechler over 8 years ago
- Target version set to 2.4.0
Thanks Kacper. Looks reasonable, outside the one line I left a comment on where a recent change was reverted, but something that should bake in snapshots longer than we'll have time for 2.3.2.
Updated by Kacper Boström over 8 years ago
I fixed the lines that reverted the recent changes. My bad for committing things that really aren't part of the patch. I've force pushed my changes so they should be immediately visible in the pull request.
Updated by Chris Buechler over 8 years ago
- Status changed from Confirmed to Feedback
Thanks, merged to master for 2.4.
Updated by Jim Pingle almost 8 years ago
- Status changed from Feedback to Resolved
- Target version changed from 2.4.0 to 2.3.3