search

mimugmail / opn-repo

OPNsense repo by mimugmail
Other
325 stars 24 forks source link

OCSERV with RADIUS support #130

Open elfrom opened 1 year ago

elfrom commented 1 year ago

Hi, would it be possible to build the ocserv plugin with raduis support? I usually build and install it myself, but it would be a heck of a lot easier fo me to just install it from your repository :)

Best regards elfrom

mimugmail commented 1 year ago

Do you know the parameter?

elfrom commented 1 year ago

All I do is install radcli before building ocserv, thats all there is to it. I dont know how this plugin thing works, but I guess that for it to make any sense, radcli will have to be distributed with the plugin aswell?

cristian-ciobanu commented 1 year ago

As @elfrom mentioned, RADIUS support for OCserv will be a nice addition to this package. I see the radcli package is available in the FreeBSD ports https://www.freshports.org/net/radcli Here it is a basic tutorial to setup OCserv to use RADIUS for authenticating users https://ocserv.gitlab.io/www/recipes-ocserv-authentication-radius-radcli.html instead of manually creating local user accounts. This is the output for an OCserv package which has RADIUS support enabled.

$ ocserv -v
ocserv 1.1.6

Compiled with: tcp-wrappers, oath, radius, gssapi, PAM, PKCS#11, AnyConnect
GnuTLS version: 3.7.8
===> The following configuration options are available for ocserv-1.1.6:
     DOCS=on: Build and/or install documentation
     EXAMPLES=on: Build and/or install examples
     GSSAPI=off: GSSAPI Security API support
     MAXMIND=off: Use Maxmind GeoIP library
     RADIUS=off: RADIUS protocol support
===> Use 'make config' to modify these settings

Thank you

cristian-ciobanu commented 1 year ago

Are there any plans to OCserv with build RADIUS support ?

JinkunTian commented 8 months ago

All I do is install radcli before building ocserv, thats all there is to it. I dont know how this plugin thing works, but I guess that for it to make any sense, radcli will have to be distributed with the plugin aswell?

I usually build and install it on OpenWRT (link https://blog.tianjinkun.com/post/98.html ), but i'm new user in OPNsense or FreeBSD, I try to download the source code and compile it, but failed(many warning like{ warning: unknown warning option '-Wno-stringop-truncation'; did you mean '-Wno-string-concatenation'? [-Wunknown-warning-option] } and {error: no member named 's6_addr32' in 'struct in6_addr' } ), can you introduce how to compile in FreeBSD? Thanks :)