Project

General

Profile

Actions

Feature #9937

open

OpenVPN Login User Privilege

Added by Arthur Besnard about 2 years ago. Updated about 2 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Authentication
Target version:
-
Start date:
11/28/2019
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:

Description

Hello pfsense development Team,

It would be awesome to have a "VPN - User: Openvpn Dialin" privilege in the Group Assigned Privileges section.

This privileges would allow an user from the group to login as an Openvpn client.

Correct me if I am wrong but for what I understand, the only way to do that today is to use an extended query to restrict authentication at the authentication server level. I believe this is not optimal since it is more efficient to have the same authentication server for multiples service. Restricting to a VPNUsers group with an external query could prevent other uses and therefore defeat the purpose of ldap.

Also, since the Ldap/local group matching is reliable, having an empty group would probably do the trick for any external authentication server.

Regards,
Arthur

Actions

Also available in: Atom PDF