How to configure RADIUS on pfSense 2.3.1
- Create a user on a server, for example username: noc, password: abc.
- Create the same user on the FreeRADIUS of pfSense.
- Create a client (NAS) for the machine on which the RADIUS client is installed.
- Configure an interface: add the interface that is accessible to the server (IP: x.x.x.x, port: 1812, interface type: Auth).
- Download pam_radius and follow the configuration from this site: https://docs.secureauth.com/display/81docs/PAM+RADIUS+Installation+and+Configuration+Guide
- Be careful with the configuration in the pam/sshd folder; follow this configuration:
auth sufficient pam_radius_auth.so debug
auth include system-auth
account sufficient pam_radius_auth.so debug
account required pam_nologin.so
account include system-auth
password include system-auth
session sufficient pam_radius_auth.so debug conf=/etc/raddb/server
session optional pam_keyinit.so force revoke
session include system-auth
session required pam_loginuid.so
- Do your test.
It is better to first test whether your FreeRADIUS is working, using this configuration:
a) Add an interface with the IP address of 127.0.0.1.
b) Set the interface type to 'Auth' and use the default port (1812).
c) Add a client/NAS with the IP of 127.0.0.1 and the shared secret 'test'.
d) Create a test user account on the users tab.
e) Log into pfSense via SSH or use the command prompt feature in the diagnostics menu.
f) Run the command below, replacing <username> and <password> with the credentials you assigned (run this in the Diagnostics > Command Prompt section).
Thank You very much.
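The localhost check in steps a) to f), as an added Python example that is not part of the original post: it builds the Access-Request a RADIUS test client sends to 127.0.0.1:1812 with the shared secret 'test' and validates the authenticator on the reply, so a wrong shared secret shows up as a validation error rather than a silent timeout. The function names, the Message-Authenticator attribute and the NAS-IP-Address value are assumptions made for this example.

```python
import hashlib, hmac, os, socket, struct

def hide_password(password, secret, authenticator):
    """User-Password hiding from RFC 2865 section 5.2 (MD5 keystream XOR)."""
    size = max(16, -(-len(password) // 16) * 16)   # pad to a multiple of 16, minimum 16
    padded, out, prev = password.ljust(size, b"\x00"), b"", authenticator
    for i in range(0, size, 16):
        mask = hashlib.md5(secret + prev).digest()
        prev = bytes(p ^ m for p, m in zip(padded[i:i + 16], mask))
        out += prev
    return out

def attr(kind, value):
    """Encode one attribute as type, length, value."""
    return struct.pack("!BB", kind, len(value) + 2) + value

def build_access_request(user, password, secret, ident=1, authenticator=None):
    authenticator = authenticator or os.urandom(16)
    attrs = (attr(80, b"\x00" * 16)                     # Message-Authenticator, zeroed for now
             + attr(1, user)                            # User-Name
             + attr(2, hide_password(password, secret, authenticator))  # User-Password
             + attr(4, socket.inet_aton("127.0.0.1")))  # NAS-IP-Address (assumed test client)
    header = struct.pack("!BBH", 1, ident, 20 + len(attrs)) + authenticator
    mac = hmac.new(secret, header + attrs, hashlib.md5).digest()
    return header + attr(80, mac) + attrs[18:]          # swap the zeroed value for the HMAC

def response_is_authentic(reply, request_auth, secret):
    """Response Authenticator = MD5(code+id+length + request auth + attributes + secret)."""
    expected = hashlib.md5(reply[:4] + request_auth + reply[20:] + secret).digest()
    return hmac.compare_digest(expected, reply[4:20])

def check_login(user, password, secret=b"test", server=("127.0.0.1", 1812)):
    request = build_access_request(user, password, secret)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(3)
        s.sendto(request, server)
        reply, _ = s.recvfrom(4096)
    if (len(reply) < 20 or reply[1] != request[1]
            or not response_is_authentic(reply, request[4:20], secret)):
        raise ValueError("reply failed validation (shared secret mismatch?)")
    return {2: "Access-Accept", 3: "Access-Reject"}.get(reply[0], "code %d" % reply[0])

if __name__ == "__main__":
    # Constructed sample credentials: the 'noc' / 'abc' test user from the steps above.
    print(check_login(b"noc", b"abc"))
```

The shared secret 'test' and the 127.0.0.1 client are only for this local check; remove that client entry once the server is confirmed working.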