[strongSwan] Regarding Strongswan and AD

Andreas Steffen andreas.steffen at strongswan.org
Thu Aug 15 08:27:59 CEST 2019


Hi,

your concept seems correct. Set up the authentication in steps:

1) Define user credentials locally on the Freeradius server
   and set up an EAP-RADIUS connection from the strongSwan VPN gateway
   to the FreeRadius server along the following example scenario:


https://www.strongswan.org/testing/testresults/swanctl/rw-eap-ttls-radius/

2) Connect the Microsoft AD with FreeRadius so that the User Credentials
   can reside on the AD.

Regards

Andreas

On 14.08.19 03:27, Bidhan Khatri wrote:
> 've been searching for the solution but couldn't find it so I'm writing
> to you.  I hope I will get an answer. I've configured Strongswan and for
> authentication, I'm planning to use Microsoft AD. I've configured radius
> client on AD and set up samba on my centos 7 Strongswan server but still
> couldn't authenticate the users. I'm stuck somewhere or missing something.
> 
> My setup is:
> client -> Strongswan(centos 7) -> radius(free radius,centos 7) ->
> AD(Microsoft)
> 
> Can you provide some guidance regarding this? I've to complete this
> project this month. 
> 
> Thank you

-- 
======================================================================
Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution!          www.strongswan.org
Institute for Networked Solutions
HSR University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[INS-HSR]==

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2945 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20190815/46e117fb/attachment.bin>


More information about the Users mailing list