Excessive Freeradius page load time
-
Hmm, interesting. 90s is excessive either way.
I believe we have a copy of your config in a support ticket we could test?
What CSO values are you using? I expected you would be passing values from Radius since you're using it.
Steve
-
This post is deleted! -
Let me see if I can test it locally...
-
This post is deleted! -
We were able to replicate it but not, yet, improve the response. The Freeradius package in pfSense was never really intended to operate with that many users though. The load times still seem excessive to me but it will always be slow. You really should be using an external Radius server for a number if users that large.
Steve
-
This post is deleted! -
Hmm, I've never attempted that myself. Is there any reason you're trying that rather than use an external Radius server?
-
This post is deleted! -
Using an external Radius server is no different to using Freeradius on pfSense except the server IPs are not localhost. Relatively easy.
-
This post is deleted! -
Well, as I said it should be no different that using Freeradius on the firewall.
You mean it's authenticating users logging into the firewall itself but not OpenVPN users?
-
This post is deleted! -
Right obviously the package is not required and the Radius config is all on the remote and not in the firewall. But from the user auth point of view t configured in the same way. In both cases you need to add a Radius server in User Manager. The only difference there is that with Freeadius the server is specified as running at 127.0.01, because it's local. With a remote Radius server you need to configure the server IP address so pfSense knows where to find it.
But the OpenVPN config is no different, the only change would be selecting the new radius server to use.
Steve
