Difference between revisions of "Configuring LDAP based authentication for openVPN"
From Notes_Wiki
Latest revision as of 15:29, 13 March 2022
To configure LDAP based authentication for openvpn use these steps:
- Install openvpn-auth-ldap plugin using 'yum -y install openvpn-auth-ldap'
- Use 'chown -R openvpn:openvpn /etc/openvpn/auth'
- Edit the '/etc/openvpn/auth/ldap.conf' file and add appropriate values. Avoid use of TLS during testing by setting 'TLSEnable no'; with TLS disabled, the passwords sent to the LDAP server are not encrypted in transit. Also modify the default search filter to 'SearchFilter "(uid=%u)"', assuming the accountStatus field is not present in the schema.
- Edit 'server.conf' and add the following line:
  - plugin /usr/lib64/openvpn/plugin/lib/openvpn-auth-ldap.so /etc/openvpn/auth/ldap.conf
- Use 'service openvpn restart'
- Test the configuration by connecting to the VPN. Note that the client configuration should have:
  - auth-user-pass
  - auth-retry interact
- If the connection is successful, optionally try using TLS for openVPN and LDAP server communication.
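
A check for the TLS step above, as an added example that is not part of the original wiki page: the script reads an openvpn-auth-ldap config and reports whether the link to the LDAP server is cleartext (the 'TLSEnable no' test setting), StartTLS or ldaps. The function names and the sample host, DNs and password are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): classify how an
# openvpn-auth-ldap config talks to the LDAP server.

# conf_value DIRECTIVE FILE: print the first uncommented value of DIRECTIVE,
# with surrounding double quotes removed.
conf_value() {
    awk -v key="$1" '
        $1 == key {
            sub(/^[ \t]*[^ \t]+[ \t]+/, "")   # drop the directive name
            sub(/[ \t\r]+$/, "")              # drop trailing whitespace
            gsub(/^"|"$/, "")                 # drop surrounding quotes
            print
            exit
        }' "$2"
}

# ldap_transport FILE: print "ldaps", "starttls" or "cleartext".
# Assumption: an ldaps:// URL is encrypted regardless of TLSEnable.
ldap_transport() {
    url=$(conf_value URL "$1")
    tls=$(conf_value TLSEnable "$1" | tr 'A-Z' 'a-z')
    case "$url" in
        ldaps://*) echo ldaps ;;
        *) if [ "$tls" = yes ]; then echo starttls; else echo cleartext; fi ;;
    esac
}

# Constructed sample: the test-phase settings from the steps above.
# Host, DNs and password are placeholders.
sample=$(mktemp)
cat > "$sample" <<'EOF'
<LDAP>
    URL         ldap://ldap.example.com
    BindDN      uid=vpnbind,ou=People,dc=example,dc=com
    Password    PLACEHOLDER
    # TLSEnable yes
    TLSEnable   no
</LDAP>
<Authorization>
    BaseDN       "ou=People,dc=example,dc=com"
    SearchFilter "(uid=%u)"
</Authorization>
EOF

echo "transport:     $(ldap_transport "$sample")"
echo "search filter: $(conf_value SearchFilter "$sample")"
rm -f "$sample"
```

To check a live server, call `ldap_transport /etc/openvpn/auth/ldap.conf`; a result of `cleartext` means the test-phase setting is still in place.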