Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    User authentication and radius group attribute

    Scheduled Pinned Locked Moved General pfSense Questions
    6 Posts 2 Posters 3.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      scotia
      last edited by

      Hi,

      I am running FreeRadius with a MySQL backend and am trying to configure pfSense GUI authentication.  When I test the authentication it works fine, but the resulting display shows no group membership.  I have added the admins group to my MySQL usergroup database but I believe Radius is not returning the right attribute.

      What Radius attribute does pfSense expect to list the user group list?

      Thanks,
      Scott

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        It expects a semicolon-separated list to be returned in the "Class" reply attribute.

        Like this:

        Class := "admins;VPNUsers"

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • S
          scotia
          last edited by

          Many thanks for that.  Problem solved.

          I did hunt around for an answer and couldn't find one - is this documented?  If not, can I update something to help others?

          Regards,
          Scott

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            It's in a few places. The book, a few of the release notes around when the release was added… I think it's in the freeradius docs somewhere.

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • S
              scotia
              last edited by

              I must have old books.  Neither my Packt FreeRadius book (2011) or pfSense -TDG (2009) mentions the Class attribute.  I'll check the release notes - perhaps the feature was added after those books were published.

              Do regular users have write access to the Wiki?  I'm happy to create a page.

              Thanks,
              Scott

              1 Reply Last reply Reply Quote 0
              • jimpJ
                jimp Rebel Alliance Developer Netgate
                last edited by

                Correct. It was after both of those books. It is in the current book you can get via pfSense Gold.

                Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                Need help fast? Netgate Global Support!

                Do not Chat/PM for help!

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.