Pfsense as Radius Client and connection with Radius on Windows Server 2003 R2



  • Hello,

    I have installed the version 2.3.3-RELEASE-p1 of pfsense; for compatibility with our old firewall (snapgear) and for lack of time I replicated the vpn connection that we have (PPTP, enabling 2 firewall rules); our vpn connection use radius for authentication with a Ias installed on an Windows Server 2003 R2.

    I followed these 2 guides:

    https://community.spiceworks.com/how_to/128944-pfsense-admin-logins-via-radius-using-active-directory-accounts
    https://doc.pfsense.org/index.php/OpenVPN_with_RADIUS_via_Active_Directory (this for active directory part)

    and used the "Remote Access Policy" that I have used before with the other connection (that is equal to the step explained in the guides above).

    If I go to see the Ias log I see one entry with the error "a radius message was received from the invalid radius client ip address" when I active the connection and when I trying to connect again I see no entry on the log.

    How to troubleshoot this? It seems to me from the GUI that there is no Status->System Log for radius, so I don't know where to start; however, if I point in the remote access policy the ip address of the old firewall (it is still active) I can authenticate with no problem and the vpn works (I point the vpn connection to the pfsense wan but use as radius client the old firewall).

    Could you please help me to try to understand how to troubleshoot this?

    I've seen that there is no tutorial around with Windows Server 2003: is it compatible as radius server with my pfsense installation?


    Regards,

    Marco Mangiante



  • Hello,

    I attached a "Packet Capture": it seems that the communication with radius server never starts.


    Regards,

    Marco Mangiante