Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Multidomain authentication by 2 NPS servers with pfSense CP.

    Scheduled Pinned Locked Moved Captive Portal
    1 Posts 1 Posters 520 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pszafer
      last edited by

      Hello,

      I don't know if this is stricty connected with CaptivePortal, but I think that only this community can help me now, as you never dissapointed me :).

      We have 2 domains: A and B. Users from both domains should be able to login in CP.
      So CP is configured to authenticate to NPS in A domain.

      In A domain I have 'Connection request policy' -> 'B(.*)' -> redirect to NPS in B domain.
      And requests are redirected, but when username is somehow changed in 'Connection request policy' NPS in B can't find user e.g. 'B\testB'.

      When I redirect all requests to B NPS without changing anything in user-name attribute user is authenticated.

      I suspect that it could be:
      A. my config bug
      B. NPS bug
      C. something wrong with MSCHAP2 after changing user-name attribute.

      Here is my topic at MS Technet: https://social.technet.microsoft.com/Forums/windowsserver/en-US/853138a2-be3f-4841-b946-53d26cc22f2d/nps-reject-user-if-domainusername-provided
      but it is not helpful so far…

      Thanks in advance for any help.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.