Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IKEv2 Connection - Auth via Local EAP DB ok, but PFsense is never asking Windows NPS

    Scheduled Pinned Locked Moved IPsec
    3 Posts 3 Posters 548 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      solid_NET
      last edited by

      Hi everyone

      I try to use IKEv2 with EAP-MSCHAPv2. NPS on Windows is correctly installed and answering.
      Somehow, PFSENSE never consults NPS, it only looks in its own user database (it works with local users)

      Now as for my PFSENSE: I configured the P2 "User Authentication" to look for Local Database and our NPS.
      0bb57fbf-5507-4a9d-8d37-83a7723be325-image.png
      Radius is configured:
      1ed1bfce-2442-4cad-89d6-7525cce51302-image.png
      Simple test is also OK:
      01974f41-2122-4dfe-984e-29d0b7413da2-image.png

      If I look on the NPS, I can see the simple test results. All is ok then.
      But if I login via IKEv2, the NPS is never hit by Pfsense. I verified with the windows firewall log.
      PFSENSE really only asks it own user database, EAP never gets routed to my NPS.

      Any hints?

      K 1 Reply Last reply Reply Quote 0
      • I
        Irondude
        last edited by

        I had this problem also after setting up the same config, rebooting pfsense corrected this, restarting ipsec may work also. i think it needed a restart to re-read son configs.

        1 Reply Last reply Reply Quote 0
        • K
          Konstanti @solid_NET
          last edited by

          This post is deleted!
          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.