Project

General

Profile

Feature #9937

OpenVPN Login User Privilege

Added by Arthur Besnard 9 days ago. Updated 8 days ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Authentication
Target version:
-
Start date:
11/28/2019
Due date:
% Done:

0%

Estimated time:

Description

Hello pfsense development Team,

It would be awesome to have a "VPN - User: Openvpn Dialin" privilege in the Group Assigned Privileges section.

This privileges would allow an user from the group to login as an Openvpn client.

Correct me if I am wrong but for what I understand, the only way to do that today is to use an extended query to restrict authentication at the authentication server level. I believe this is not optimal since it is more efficient to have the same authentication server for multiples service. Restricting to a VPNUsers group with an external query could prevent other uses and therefore defeat the purpose of ldap.

Also, since the Ldap/local group matching is reliable, having an empty group would probably do the trick for any external authentication server.

Regards,
Arthur

History

#1 Updated by Jim Pingle 8 days ago

  • Subject changed from Assign an new OpenVPN User privileges to a group (Local or from an external auth server) to OpenVPN Login User Privilege

If this is added it would have to be off by default and enabled on a per-server basis.

Also available in: Atom PDF