Page MenuHomeVyOS Platform
Create Task
Maniphest T4621

OpenConnect group selection
Closed, DuplicatePublicFEATURE REQUEST
Actions

Description

In order to replace certain enterprise AnyConnect head-ends, it will be necessary to set and pass group names with the user auth to the RADIUS back-end for attribute-based selectors to work correctly.
The OpenConnect config file provides for this capability via the following syntax:

# Groups that a client is allowed to select from.
# A client may belong in multiple groups, and in certain use-cases
# it is needed to switch between them. For these cases the client can
# select prior to authentication. Add multiple entries for multiple groups.
# The group may be followed by a user-friendly name in brackets.
#select-group = group1
#select-group = group2[My special group]

Could this please be implemented in the CLI to avoid losing selectors for users when the config/device is reloaded?

Details

Difficulty level
Unknown (require assessment)
Version
-
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Perfectly compatible
Issue type
Improvement (missing useful functionality)

Related Objects