OpenVPN via LDAP
OpenVPN authentication with LDAP, powered by Foxpass.
Before you get started...
A member of the Foxpass community, Aaron Vinson, has released a Docker container with OpenVPN integrated with Foxpass. Check it out here: https://github.com/avinson/foxpass-openvpn.
Here's how to set up OpenVPN authentication with LDAP, powered by Foxpass.
First, log into Foxpass and do the following:
- Note your Base DN on the dashboard page. Copy/paste it somewhere.
- Create an LDAP Binder account with the name 'openvpn' on the LDAP binders page. Copy/paste the generated password! It is only displayed once.
OpenVPN LDAP configuration:
```
<LDAP>
	# LDAP server URL
	URL ldaps://ldap.foxpass.com
	# Bind DN: the binder created above; replace dc=example,dc=com with your Base DN
	BindDN cn=<binder name>,dc=example,dc=com
	# Bind Password (the generated binder password)
	Password "********"
	# Network timeout (in seconds)
	Timeout 15
	# Disable Start TLS (the ldaps:// URL already uses TLS)
	TLSEnable no
	# Follow LDAP Referrals (anonymously)
	FollowReferrals yes
	# TLS CA Certificate File
	#TLSCACertFile /usr/local/etc/ssl/ca.pem
	# TLS CA Certificate Directory
	#TLSCACertDir /etc/ssl/certs
	# Client Certificate and key
	# If TLS client authentication is required
	#TLSCertFile /usr/local/etc/ssl/client-cert.pem
	#TLSKeyFile /usr/local/etc/ssl/client-key.pem
	# Cipher Suite
	# The defaults are usually fine here
	# TLSCipherSuite ALL:!ADH:@STRENGTH
</LDAP>

<Authorization>
	# Base DN (replace dc=example,dc=com with your Base DN)
	BaseDN "ou=people,dc=example,dc=com"
	# User Search Filter
	SearchFilter "(&(uid=%u))"
	# Require Group Membership
	RequireGroup false
	# To limit access to certain group(s), set RequireGroup to true (above),
	# then uncomment the block below and edit its BaseDN and SearchFilter lines
	#<Group>
	#	BaseDN "ou=groups,dc=example,dc=com"
	#	SearchFilter "(|(cn=developers)(cn=artists))"
	#	MemberAttribute member
	#</Group>
</Authorization>
```
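A pre-deployment check for the configuration above, as an added example that is not part of the Foxpass documentation or the OpenVPN LDAP plugin. The names `parse`, `audit` and `SAMPLE`, the choice of checks, and the treatment of a missing `TLSEnable` as `no` are assumptions of this example.

```python
import re

# Constructed sample in the page's format; the ldap:// URL is the deliberate weak setting.
SAMPLE = """
<LDAP>
  URL ldap://ldap.foxpass.com
  BindDN cn=openvpn,dc=example,dc=com
  Password "********"
  TLSEnable no
</LDAP>
<Authorization>
  BaseDN "ou=people,dc=example,dc=com"
  SearchFilter "(&(uid=%u))"
  RequireGroup false
</Authorization>
"""

def parse(text):
    """Return {section path: {key: value}}; nested blocks become 'Authorization/Group'."""
    conf, stack = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or comment (including commented-out blocks)
        tag = re.fullmatch(r"<(/?)(\w+)>", line)
        if tag and tag.group(1):
            if stack:
                stack.pop()
        elif tag:
            stack.append(tag.group(2))
        else:
            key, *rest = line.split(None, 1)
            conf.setdefault("/".join(stack), {})[key] = rest[0].strip('"') if rest else ""
    return conf

def audit(text):
    """List settings that weaken the LDAP-backed login (checks chosen for this example)."""
    conf = parse(text)
    ldap, authz = conf.get("LDAP", {}), conf.get("Authorization", {})
    findings = []
    ldaps = ldap.get("URL", "").lower().startswith("ldaps://")
    # Assumption: a missing TLSEnable is treated as "no".
    if not ldaps and ldap.get("TLSEnable", "no").lower() != "yes":
        findings.append("no TLS: bind password and user logins cross the network in clear text")
    if set(ldap.get("Password", "")) <= {"*"}:
        findings.append("Password is empty or still the placeholder")
    if authz.get("RequireGroup", "false").lower() != "true":
        findings.append("RequireGroup is off: every user matching SearchFilter can connect")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("WARN:", finding)
```

Because the file holds the binder password, keep it readable only by the account that runs OpenVPN.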
Updated 10 months ago