[Openswan Users] Openswan using Radius server for authentication
Arnel B. Espanola
aespanola at arts.ucla.edu
Tue May 27 17:10:56 EDT 2008
Hi Gbenga,
I found an equivalent radiusclient1 package for Fedora. It is
radiusclient-ng. I've successfully installed it but I'm having problem
authenticating to the radius servers. We already have existing Radius
servers but they are managed by different group. Below are the error
messages in my vpn server. I was able to establish IPSec but failed to
authenticate due to radius errors. Any hints that you can provide will
be appreciated.
May 27 14:04:58 vpn pppd[4127]: Plugin radius.so loaded.
May 27 14:04:58 vpn pppd[4127]: RADIUS plugin initialized.
May 27 14:04:58 vpn pppd[4127]: pppd 2.4.4 started by root, uid 0
May 27 14:04:58 vpn pppd[4127]: Using interface ppp0
May 27 14:04:58 vpn pppd[4127]: Connect: ppp0 <--> /dev/pts/0
May 27 14:05:00 vpn pppd[4127]: rc_read_dictionary: couldn't open
dictionary @pkgdatadir@/dictionary: No such file or directory
May 27 14:05:00 vpn pppd[4127]: RADIUS: Can't read dictionary file
@pkgdatadir@/dictionary
May 27 14:05:00 vpn pppd[4127]: Peer user1 failed CHAP authentication
May 27 14:05:00 vpn pppd[4127]: Connection terminated.
May 27 14:05:00 vpn xl2tpd[3521]: control_finish: Connection closed to
10.0.1.1, serial 0 ()
May 27 14:05:00 vpn xl2tpd[3521]: control_finish: Connection closed to
10.0.1.1, port 1701 (), Local: 572, Remote: 16
Arnel
Gbenga wrote:
> Hi Arnel,
>
> I have this working since the second time I set up
> OpenSwan. It worked like a charm! I found the documentation on the web
> - I cannot remember the link anymore, so if this looks like someone
> work, the credit belong to them.
>
> I skipped the mysql part, I only use the file file to manage the FreeRadius configuration. If you need more helpp with it, post and I will try to reply.
>
> Rgds,
> Gbenga
>
>
>
> I already have Openswan working with this version:
>
> Linux Openswan U2.4.5/K2.6.22.14-72.fc6 (netkey)
>
> I'm currently running it with Pre-shared key as method for
> authentication. Now I would like to authenticate VPN users using radius
> server. Can someone provide me more information on how to
> configure/setup the Openswan with PPP/Radius authentication. I'm running
> PPP daemon version 2.4.4 with Radius support.
>
> Appreciate your help.
>
> Thanks,
> Arnel
>
> Jacco de Leeuw wrote:
>> Arnel B. Espanola wrote:
>>
>>> Is there anyone here setup their Openswan VPN server to use a radius
>>> server for client's authentication? If there is, sharing some
>>> information on how to implement it would be appreciated. Thanks.
>> It can be done with L2TP/IPsec if you use a PPP server with support
>> for RADIUS authentication. See this webpage and search for RADIUS:
>> http://www.jacco2.dds.nl/networking/openswan-l2tp.html
>>
>> Somebody else will have to fill you in if you rather use RADIUS with
>> XAUTH or IKEv2.
>>
>> Jacco
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>
>
>
> __________________________________________________________
> Sent from Yahoo! Mail.
> A Smarter Email http://uk.docs.yahoo.com/nowyoucan.html
More information about the Users
mailing list