Windows RADIUS Server
-
@Xavi_IT said in Windows RADIUS Server:
After writing the last message, I have successfully configured LDAP authentication server in the same PfSense device that points to the same Windows Server. This way everything works, including OpenVPN clients validation using allowed domain user accounts.
Sounds good. Also, you can add custom attributes to control per user bandwidth. it's really amazing integration. ENJOY :)
-
@mohkhalifa
Could you please share the configuration tips with me?
I did get your private message, but I am not able to let you do the configuration remotely.
Thanks any way.@Xavi_IT
May I know how did you solve this issue ?
Thank you! -
Hello @yanqian,
I could not configure a Radius server in PfSense "Authentication Servers". I followed several tutorials and Windows NPS event log was returning succesfull authentication attempts, but I could not figure out why didn't PfSense was not getting them.Finally I had success using LDAP instead of Radius in PfSense "Authentication server" to connect to Windows Active Directory. With LDAP It worked at first attempt.
-
@yanqian did ur issue got resolved .. i to have the same issue in pfsense
-
@anwarmoinudeen Hi Sir did your issue got resolved already? i also have the same issue in pfsense
-
@anwarmoinudeen As I recall, I hadn't solved this issue, and I gave up NPS radius server test. I hope @mohkhalifa would provide the guide in detail.
-
Old topic but try this:
First you need to know the vendor code for PFSENSE which I found in https://github.com/pfsense/pfsense/blob/master/src/usr/share/doc/radius/dictionary.pfsense
VENDOR pfSense 13644 BEGIN-VENDOR pfSense ATTRIBUTE pfSense-Bandwidth-Max-Up 1 integer ATTRIBUTE pfSense-Bandwidth-Max-Down 2 integer ATTRIBUTE pfSense-Max-Total-Octets 3 integer END-VENDOR pfSenseNow you can go to your network policy in NPS for the captive portal. Go to:
SETTINGS, VENDOR SPECIFIC, ADD, "custom", "Vendor specific/Radius standard", ADD,ADD:- Enter Vendor Code = 13644
- Yes it conforms
- configure Attribute -> 1 for pfSense-Bandwidth-Max-Up with decimal and you bandwidth
repeat for 2 = pfSense-Bandwidth-Max-Down
Untested but this should work in theory.
-
@jimmychoosshoes after that how can we limit bandwidth by users can you help me?
-
Y yanqian referenced this topic on
-
@anwarmoinudeen I know this is old, just want to update here, I tried to use NPS on server 2016 as RADIUS server today, and it works without any issue.
Pfsense version is 2.7.0, RADIUS MS-CHAPv2 . -
@yanqian with FreeRadius?
-
FreeRadius is not " NPS on server 2016 as RADIUS server".
Instead of install the FreeRadius pfSense package, @yanqian installed a Radius serves on a Micorsoft (server ?) and use that Radius server.
It isn't a free one (as it is from Microsoft)
He probably used this :
to set up an external authorization/authentication (Radius) server.
-
@Gertjan )) i use this method too and it is not hard to configure
-
@dochy Yes it's hard but you have to prepare a good coffee and I trust that you will did it.
-
This post is deleted! -
@mohkhalifa we are still waiting for that manual please can you help us
-
@dochy said in Windows RADIUS Server:
we are still waiting for that manual please
Like these : microsoft nps ?
You'll find the Documentation under Additional resources.
Remember : this isn't open source and a Microsoft product. Manuals are most probably copyrighted.
