Active Directory authentication server over IPSEC tunnel

  • Hello,

    I want to use an AD authentication server on PFSENSE1, where the AD server lies behind an IPSEC tunnel.

    PFSENSE1 <-IPSEC-> PFSENSE2 <-> AD server

    Unfortunately, the firewall cannot achieve this.

    Is there any place to set the interface that pfSense uses to connect to the AD authentication server? Something similar to DIAGNOSTIC-PING?



  • This setup works beautifully for me, except I use OpenVPN, which is irrelevant if your VPN tunnel works.

  • Hi,

    Hm, strange. I have a working IPsec connection.

    pfsense1 IP 192.168.185.1/24
    pfsense2 IP 192.168.210.1/24
    AD server

    I have access from the network 192.168.185.XXX to the AD server.
    Only when I try to add an LDAP server in pfsense1 under System / User Manager / Authentication Server do I get no connection to the AD server.
    I test this in the server settings with "Select a container". Then this always appears:
    Could not connect to the LDAP server. Please check the LDAP configuration.

    IP address of the server, etc. are correct.

  • …-----+------... (Clients/Servers)
                | LAN
          |pfS:ense1| (Authentication Server via a  LDAP Server
          |                |
    WAN/    | IPSEC
    INET    |
          |                |      |
          '-----:------'      |
                |                  |
          LAN |      OPT1  | serversnetwork
                |                  |
                |                  |
                        ...-----+------... (Servers) (AD-Server

  • Good morning,

    I had just the same problem! I solved it using the following guide:'t_I_query_SNMP,_use_syslog,_NTP,_or_other_services_initiated_by_the_firewall_itself_over_IPsec_VPN


