How to configure Radius on pfsense 2.3.1



    1. create a User on a server example username: noc password: abc
    2. create same user on the FreeRadius of pfsense.
    3. Create client on which the Radius client is installed
    4. Configure interface where you add the interface that is accessible to the server (ip:x.x.x.x port:1812 inte type: auth )
    5. Download pam_radius and follow the configuration from this site: https://docs.secureauth.com/display/81docs/PAM+RADIUS+Installation+and+Configuration+Guide
    6. Be careful about the configuration in pam/sshd folder follow this configuration :

    auth      sufficient      pam_radius_auth.so debug
    auth      include      system-auth
    account    sufficient      pam_radius_auth.so debug
    account    required    pam_nologin.so
    account    include      system-auth
    password  include      system-auth
    session    sufficient      pam_radius_auth.so debug conf=/etc/raddb/server
    session    optional    pam_keyinit.so force revoke
    session    include      system-auth
    session    required    pam_loginuid.so

    1. Do your test

    It is better to test if your FreeRadius is working doing this configuration :
    a) Add an interface with the IP address of 127.0.0.1.
    b) Set the interface type to 'Auth' , use the default port (1812).
    c) Add a client/NAS with the IP of 127.0.0.1 and the shared secret 'test'.
    d) Create a test user account on the users tab.
    e) Log into pfSense via SSH or use the command prompt feature in the diagnostics menu.
    f)  Run the command below, replacing <username>, and <password>with the credentials you assigned (run this in the Diagnostics>command prompt section).</password></username>



  • Thank You very much.


Log in to reply