Radius Authentication with different Groups

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
Dankau
Posts: 4
Joined: Tue Mar 10, 2020 8:25 am

Radius Authentication with different Groups

Post by Dankau » Wed May 12, 2021 12:50 pm

Hello,

we are trying to setup our SoftEther with a virtual hub which asks our Radius-Server. The authentication is working, as we can connect with the users from our domain.
For that, i made an User "*" with the Authentification Method RADIUS.

Our Radius-server is FreeRADIUS.

What exactly do we want:
1. A virtual hub that accepts the user's request and forwards it to FreeRadius
-> Already works

2. FreeRADIUS sees which user logs in and informs SoftEther which VLAN the user belongs to
-> Each group has different servers and networks to which access should be granted

A user is currently connecting to the VPN hub and is pushed into the first network connected to the hub. A second VLAN on the VPN hub does not help.
The networks or VLANs are linked to the hub as a local bridge.

How can we get SoftEther to use the VLAN that is coming from the FreeRadius-Authentication?
Or is there another way to configure that?

If needed, the server configuration is added down below (Changed the passwords etc)

Regards,
Dankau
You do not have the required permissions to view the files attached to this post.

Dankau
Posts: 4
Joined: Tue Mar 10, 2020 8:25 am

Re: Radius Authentication with different Groups

Post by Dankau » Tue May 18, 2021 10:58 am

Hello,

after a lot of testing i have it running like i wanted. In The Virtual Hub Extended Options there was one Option called "AssignVLanIdByRadiusAttribute" which needed the Value 1. For safety purposes i also changed the value for the option "DenyAllRadiusLoginWithNoVLanAssign" to 1.

After changing that Value we can now connect via an external RADIUS server and assign different VLANs to different User groups.

Regards
Dankau

Post Reply