Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Problems with ipsec vpn with radius authentication

    Scheduled Pinned Locked Moved
    2.2 Snapshot Feedback and Problems - RETIRED
    2
    3
    778
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pax
      last edited by

      Greetings,

      I'm trying to set up pfSense for VPN using an external freeRadius server.  The problem I am having is that when Radius Rejects the user, pfSense still allows the inbound vpn connection to get established.

      Here is an excerpt from the pfSense log:
        Dec 5 12:57:36 charon: 04[MGR] IKE_SA con1[38] successfully checked out
        Dec 5 12:57:37 charon: user 'fred' could not authenticate.
        Dec 5 12:57:37 charon: 04[IKE] <con1|38>XAuth-SCRIPT succeeded for user 'fred'.
        Dec 5 12:57:37 charon: 04[IKE] XAuth-SCRIPT succeeded for user 'fred'.

      And a line from Radius:
        (1) Sent Access-Reject Id 191 from 192.168.3.145:1812 to 192.168.3.158:57087 length 20

      I am using the latest version of pfSense 2.2 beta as well as the latest beta of freeradius…

      Thank,
      Pax.</con1|38>

      1 Reply Last reply Reply Quote 0
      • E
        eri--
        last edited by

        A fix was pushed for this that will come with new snaps and RC.

        1 Reply Last reply Reply Quote 0
        • P
          pax
          last edited by

          Great.  Thanks!!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post