I have a couple of groups setup on our radius server. I want each group to be assigned to a different group in Soft Ether, each with different permissions.
Can someone please tell me how I would go about connecting a user (group) in the radius server to a group in soft ether? As I can see now, I can only enter one user, "*", and so I'm not sure how to add a second user (group) with different permissions.
thank you in advance. much appreciated
How do I map RADIUS groups to soft ether groups?
-
- Posts: 3
- Joined: Wed Oct 21, 2015 2:02 pm
-
- Posts: 2458
- Joined: Mon Feb 24, 2014 11:03 am
Re: How do I map RADIUS groups to soft ether groups?
You have to create users at least for a group.
-
- Posts: 3
- Joined: Wed Oct 21, 2015 2:02 pm
Re: How do I map RADIUS groups to soft ether groups?
thank you for your reply. I created one group in soft ether and added a user * within it.
however if I add another group in soft ether and add a user * (so it can authenticate against the radius server), how do I configure soft ether/radius to only allow users in their assigned groups?
thank you
however if I add another group in soft ether and add a user * (so it can authenticate against the radius server), how do I configure soft ether/radius to only allow users in their assigned groups?
thank you
-
- Posts: 26
- Joined: Mon Nov 02, 2015 12:18 am
Re: How do I map RADIUS groups to soft ether groups?
Hi,
This is my first post, but I hope it helps.
I couldn't actually get this to work how I would have liked.
In my case, the radius server is a Windows Domain Controller, but I figure it should be similar.
What I did was, create 3 windows Groups (Radius Groups). Each group represents (let's say) one group of users with specific permissions..perhaps a company. In SoftEther, I have 3 "HUBs (1 per company)". I couldn't get this to work by creating SoftEther groups in each HUB and "mapping" them. So I created all the users individually in each HUB and then made sure they were all Radius users.
This gives you the same result as mapping the groups would (I think). it certainly does what I want it to do, but it's just a bit more admin overhead creating each individual user in softether (well, at least a username and making sure they're Radius users).
Let me know if that helps.
EDIT: Sorry, I may have misunderstood. If you're using groups to give different perms in SoftEther itself using "Set this group's Security Policy", then my response is not suitable.
This is my first post, but I hope it helps.
I couldn't actually get this to work how I would have liked.
In my case, the radius server is a Windows Domain Controller, but I figure it should be similar.
What I did was, create 3 windows Groups (Radius Groups). Each group represents (let's say) one group of users with specific permissions..perhaps a company. In SoftEther, I have 3 "HUBs (1 per company)". I couldn't get this to work by creating SoftEther groups in each HUB and "mapping" them. So I created all the users individually in each HUB and then made sure they were all Radius users.
This gives you the same result as mapping the groups would (I think). it certainly does what I want it to do, but it's just a bit more admin overhead creating each individual user in softether (well, at least a username and making sure they're Radius users).
Let me know if that helps.
EDIT: Sorry, I may have misunderstood. If you're using groups to give different perms in SoftEther itself using "Set this group's Security Policy", then my response is not suitable.
-
- Posts: 3
- Joined: Wed Oct 21, 2015 2:02 pm
Re: How do I map RADIUS groups to soft ether groups?
thanks. That would not work for me unfortunately. Having to add the users manually in softether sort of avoids the whole RADIUS thing. I am trying to use it for automated VPN provisioning. So ideally I have a 'group' assigned in the RADIUS server and then softether can know which security group to apply is ideal.
Seems the only way to do that would be to setup separate radius servers with separate databases...sort of a waste of resources though.
thank you much for your reply
Seems the only way to do that would be to setup separate radius servers with separate databases...sort of a waste of resources though.
thank you much for your reply
-
- Posts: 26
- Joined: Mon Nov 02, 2015 12:18 am
Re: How do I map RADIUS groups to soft ether groups?
Hi,
I agree entirely. I would have like to have seen the same group-mapping too. Perhaps one day... :-)
I agree entirely. I would have like to have seen the same group-mapping too. Perhaps one day... :-)
-
- Posts: 7
- Joined: Sat Jan 05, 2019 12:11 pm
Re: How do I map RADIUS groups to soft ether groups?
anyone found a solution to yes ?
Really would be nice
Really would be nice