[strongSwan] Strongswan with freeradius on Debian server
sabrina.louison-francois at ens-cachan.fr
Tue Apr 30 14:38:09 CEST 2013
My freeradius is already configured to use LDAP since we use "eduroam"
in our university (2007). On my strongwan server, a radtest command is
ok with the user I want. But through ipsec.secrets, it doesn't work
Sorry to bother you. I'll probably end up finding the solution.
Le 30/04/2013 14:30, Andreas Steffen a écrit :
> Hello Sabrina,
> the strongSwan ldap plugin is used for CRL fetching only. If you want
> to store your user credentials on an LDAP server then you have to
> configure the Freeradius server accordingly. I think there is sufficient
> information available from the Internet on how to do this, e.g.
> On 04/30/2013 02:15 PM, Sabrina Louison-francois wrote:
>> Le 25/04/2013 15:35, Sabrina a écrit :
>>> Thanks for your help. But I had my TLS problem again. I had to add all
>>> the certificates chain of my radius server into my client
>>> ipsec.d/cacerts to make it work.
>> I'm sorry to return with the same problem but I can't make it work and
>> really don't know where to look at. Everything is working well with a
>> cleartext password in /etc/freeradius/users.
>> But when I try with a ldap user's, the password is not sent... and
>> radius server says "Login incorrect".
>> Is there a way to make it work with an ldap authentication ? Ldap
>> plugins is loaded on my strongswan server.
> Andreas Steffen andreas.steffen at strongswan.org
> strongSwan - the Linux VPN Solution! www.strongswan.org
> Institute for Internet Technologies and Applications
> University of Applied Sciences Rapperswil
> CH-8640 Rapperswil (Switzerland)
More information about the Users