Hi,

On Fri, Apr 03, 2020 at 05:30:23PM -0600, The Doctor via Openvpn-users wrote:
> tls-auth /usr/local/etc/openvpn/server/ta.key 0 # This file is secret

If you have this on the server...

> ;tls-auth /usr/local/etc/openvpn/server/ta.key 1

... you MUST have it on the client as well.

> verb 9

this is way too high for normal debugging, use "verb 4" :-)

As soon as you have the TLS-Auth part sorted out - there is no 
authentication backend configured on the server, so it won't do
LDAP or radius.  As for "how to do this", there's many possible ways
- you can use a plugin (plugin_auth_pam is a good start, and then
pam_radius or pam_ldap), or a script (--auth-user-pass-verify, see
the man page), ...

gert
-- 
"If was one thing all people took for granted, was conviction that if you 
 feed honest figures into a computer, honest figures come out. Never doubted 
 it myself till I met a computer with a sense of humor."
                             Robert A. Heinlein, The Moon is a Harsh Mistress

Gert Doering - Munich, Germany                             g...@greenie.muc.de

Attachment: signature.asc
Description: PGP signature

_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Reply via email to