EFW Support
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email?
Tuesday 24 December 2024, 04:38:13 am
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
The Latest Endian Firewall is now available for download
HERE
14262
Posts in
4377
Topics by
6517
Members
Latest Member:
Sandro
Search:
Advanced search
EFW Support
Support
VPN Support
OpenVPN and AD groups
0 Members and 0 Guests are viewing this topic.
« previous
next »
Pages:
[
1
]
Author
Topic: OpenVPN and AD groups (Read 11486 times)
Siddique
Jr. Member
Offline
Posts: 2
OpenVPN and AD groups
«
on:
Saturday 25 February 2012, 06:18:53 am »
Hi, I currently have three sites, two with physical locations and one cloud. We have our Endian servers at all sites and are tied to our Active Directory.
Office 1 - VPN CAN
Office 2 - VPN IND
Cloud - VPN Global
The way we'd like to have it is that Office 1 only allows VPN CAN and Office 2 only allows VPN IND. We want to have both groups able to use the Cloud one via a nested group in active directory. So far I can't seem to get it to work. Below is a copy of my /var/efw/openvpn/settings file. Ideally we'd like to have 2 different OU's but that didn't seem something we could easily do.
AUTHENTICATION_STACK=ldap,local
AUTH_TYPE=psk
CLIENT_TO_CLIENT=on
DOMAIN=
{domain}
DROP_DHCP=on
GLOBAL_DNS=
{dns servers}
GLOBAL_NETWORKS=
{networks}
LDAP_BIND_DN=
{LDAP container}
LDAP_BIND_PASSWORD=
{password}
LDAP_URI=ldap://
{primary ldap server}
LDAP_USER_BASEDN=
{Container with users}
LDAP_USER_SEARCHFILTER=(&(objectCategory=person)(objectClass=user)(sAMAccountName=%(u)s)(memberof=CN=VPN.CAN,OU=Groups-NonSecure,DC=Corp,DC=AwareBase,DC=net))
OPENVPN_ENABLED=on
PORT=1194
PROTOCOL=udp
PURPLECLIENT_BEGIN_DEVICE=tap2
PURPLE_DEVICE=tap0
PURPLE_IP_BEGIN=
{VPN IP Range Start}
PURPLE_IP_END=
{VPN IP Range End}
PURPLE_NET=
PUSH_DOMAIN=on
PUSH_GLOBAL_DNS=on
PUSH_GLOBAL_NETWORKS=on
Thanks,
Siddique
Logged
Pages:
[
1
]
« previous
next »
Jump to:
Please select a destination:
-----------------------------
Announcements
-----------------------------
=> Project News
=> Latest News and Updates
-----------------------------
Support
-----------------------------
=> General Support
=> Installation Support
=> EFW SMTP, HTTP, SIP, FTP Proxy Support
=> VPN Support
=> Hardware Support
-----------------------------
Development
-----------------------------
=> EFW Wishlist
=> Contribute Your Customisations & Modifications
Page created in 0.063 seconds with 19 queries.
Powered by SMF 1.1 RC2
|
SMF © 2001-2005, Lewis Media
Design by
7dana.com