IPSec with AD authentication
-
I would like to clarify one thing. Is it possible, with pfSense 2.3, to use IPSec/L2TP authenticating through LDAP?
I've seen contradicting pages in that sense. For example, Itctech says in https://forum.pfsense.org/index.php?topic=90753.msg504731#msg504731 that it's not possible, but in https://forum.pfsense.org/index.php?topic=67700.msg370396#msg370396, Rubicon says he has it working.
Which one is the case? Do I really have to install RADIUS on my PDC or BDC to allow pfSense-IPSec to authenticate to my AD?
I'm running pfSense 2.3.4 in a Xen VM. IPSec/L2TP is working with the internal database, and I've successfully set up an LDAP Authentication Server pointing to my AD, but failed to make IPSec use it.
Thank you,
Roberto Greiner
-
It looks like the only option there is RADIUS, not LDAP. Maybe try setting up AD NPS and a RADIUS authenticator instead.
https://doc.pfsense.org/index.php/L2TP/IPsec