Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Freeradius (latest) LDAP-Auth not working

    Scheduled Pinned Locked Moved pfSense Packages
    6 Posts 2 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      klm46
      last edited by

      Hi,

      i got feeradius running on PFSense (at another VLAN than Captive Portal). Lokal Users works fine. But any LDAP-User is getting login incorrect.

      The Diagnostics / Authentication tool says succes when trying with an LDAP-User for that Auth-Server. So i`m really confused, why the test is passed via LDAp and the radiusd can't access :)

      Feb 13 16:00:10 radiusd 4328 Login OK: [kmueller/XXX] (from client lokaler port 0)
      Feb 13 16:00:28 radiusd 4328 Login incorrect: [kmueller/<via auth-type="MSCHAP">] (from client 113er port 0 cli ec9bf377d957)</via>

      really struggeling with that :/

      1 Reply Last reply Reply Quote 0
      • K
        klm46
        last edited by

        Where the hell comes the Auth-Type MSCHAP from? I do not set this as default anywhere.

        Can i start the service with the X-Flag as native with radiusd -X ?

        1 Reply Last reply Reply Quote 0
        • K
          klm46
          last edited by

          If somebody is also struggeling with that. I installed the samba-package, added the pfsense to AD, and finally configured freeradius to authenticate via ntlm_auth. Now everything works fine.

          1 Reply Last reply Reply Quote 0
          • D
            doktornotor Banned
            last edited by

            @klm46:

            I installed the samba-package, added the pfsense to AD

            1 Reply Last reply Reply Quote 0
            • K
              klm46
              last edited by

              very statefull…

              1 Reply Last reply Reply Quote 0
              • K
                klm46
                last edited by

                vers stupid you guy…. "Not a pfSense employee, they cannot fire me..." no more words to say... fu

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.