Active Directory authentication server over IPSEC tunnel
-
Hello,
I want an AD authentication server in use PFSENSE1 which lies behind an IPSEC tunnel.
PFSENSE1 <-IPSEC-> PFSENSE2 <-> AD server
Unfortunately, the firewall can not achieve this.
Is there any place to set the interface which use the AD authenication server from pfsense to be connect do the AD-Server ? So similar like DIAGNOSTIC-PING?
greeting
Christian
-
This setup works beautifully for me, except I use OpenVPN, which is irrelevant if your VPN tunnel works.
-
hi,
hm strange. I have a working ipsec connection.
pfsense1 IP192.168.185.1 / 24
pfsense2 IP192.168.210.1 / 24
AD server 192.168.210.10I have access from the network 192.168.185.XXX to the AD-server 192.168.210.10.
Only when I try in pfsense1 under System User / Manager / Authentication Server add a LDAP Server - I get no connection to the ad-server 192.168.210.10
I test this in the server setting with "Select a container". Then always appears:
Could not connect to the LDAP server. Please check the LDAP configuration.IP address of the server, etc. are correct.
-
…-----+------... (Clients/Servers)
| LAN 192.168.185.0/24
|
| 192.168.185.1
.-----:------.
|pfS:ense1| (Authentication Server via a LDAP Server 192.168.210.10)
| |
'-----:------'
|
|
WAN/ | IPSEC
INET |
.-----:------.
|pfS:ense2+-------. 192.168.210.1
| | |
'-----:------' |
| |
LAN | OPT1 | serversnetwork
| | 192.168.210.0/24
| |
|
...-----+------... (Servers) (AD-Server 192.168.210.10)
-
Good morning,
I had just the same problem! I solved it using the following guide:
https://doc.pfsense.org/index.php/Why_can't_I_query_SNMP,_use_syslog,_NTP,_or_other_services_initiated_by_the_firewall_itself_over_IPsec_VPNCheers,
JBR