On 2020-09-01, Hrvoje Popovski <[email protected]> wrote: > Hi all, > > does anyone use an openconnect server on openbsd and have guidelines on > how to configure it? i see that an openconnect server can use radius, so > it's interesting to me. Which client do you use to connect to the > openconnect server?
It worked when I tested after porting ocserv/openconnect, but I'm not using it in production. You should be able to connect to ocserv using either the openconnect client or cisco anyconnect client. > If there is something else that can use radius, i would like to know? at least these: - npppd (yeuch l2tp :) - openvpn (there's a username/pw auth method using a helper script, you can write something calling a radius client to check auth, also yeuch openvpn :) I did once see some code including radius support for iked but it was tied up with a bunch of other changes and looked a bit complex to separate. I don't recall whether it was just username/pw or if it did full EAP.
