OpenVPN Login User Privilege
Hello pfsense development Team,
It would be awesome to have a "VPN - User: Openvpn Dialin" privilege in the Group Assigned Privileges section.
This privileges would allow an user from the group to login as an Openvpn client.
Correct me if I am wrong but for what I understand, the only way to do that today is to use an extended query to restrict authentication at the authentication server level. I believe this is not optimal since it is more efficient to have the same authentication server for multiples service. Restricting to a VPNUsers group with an external query could prevent other uses and therefore defeat the purpose of ldap.
Also, since the Ldap/local group matching is reliable, having an empty group would probably do the trick for any external authentication server.
Updated by Jim Pingle over 3 years ago
- Subject changed from Assign an new OpenVPN User privileges to a group (Local or from an external auth server) to OpenVPN Login User Privilege
If this is added it would have to be off by default and enabled on a per-server basis.