Feature #9937
openOpenVPN Login User Privilege
0%
Description
Hello pfsense development Team,
It would be awesome to have a "VPN - User: Openvpn Dialin" privilege in the Group Assigned Privileges section.
This privileges would allow an user from the group to login as an Openvpn client.
Correct me if I am wrong but for what I understand, the only way to do that today is to use an extended query to restrict authentication at the authentication server level. I believe this is not optimal since it is more efficient to have the same authentication server for multiples service. Restricting to a VPNUsers group with an external query could prevent other uses and therefore defeat the purpose of ldap.
Also, since the Ldap/local group matching is reliable, having an empty group would probably do the trick for any external authentication server.
Regards,
Arthur