I’m trying to use duoauthproxy to manage IPSEC/IKEv2 vpns, with no chance so far. I would need some help…
My IPsec gateway is strongswan on debian based OS with the eap-radius plugin enabled.
Coud you please tell me if duoauthproxy supports radius AVP stored in EAP (message 79)?
So far, I get no answer to the radius access requests sent by strongswan.
UPDATE : a test with radtest is ok - but the eap-radius plugin of strongswan does not seem to be compatible with duoauthproxy : the radius access-reject reply-message is “Impropely-formatted password”, I guess the authproxy does not decode correctly the access-request. Still working on it.
My primary authenticator is a openldap server:
Is this a working software in this case or am I forced to setup an MS Active Directory instead?
Any specific options I should configure, in the ad_client section of the configuration file I assume?
UPDATE : This point is solved by adding the lines 'username_attribute = cn", “auth_type = plain” & bind_dn…" in the ad_client section.
thank you in advance for you support,