FreeRADUIS not Authenticating with PFSense using OTP
-
Hello I am having issues with FreeRADUIS in that when you go to Diagnostic > Authentication it keeps failing whenever I use an account with OTP. However it works fine with static passwords. On the same token I have a Cisco switch that is authenticating with FreeRADIUS as well and that has no problem authenticating with OTP. Why is it that I can authenticate fine using OTP on a Cisco switch but it fails on pfSense?
-
I also want to add while looking through the logs I notice on the Cisco switch logins it passes the authentication to googleauth.py however when I try to log into pfSense it doesn't pass the authentication to googleauth.py. It just fails.
Log from logging into pfSense:
Oct 23 11:28:43 radiusd 16311 (18) Login incorrect (Failed retrieving values required to evaluate condition): [admin] (from client FamFirewall port 0)
Log from logging into Cisco switch:
Oct 23 11:23:40 radiusd 16311 (16) Login OK: [admin] (from client FamSwitch port 1 cli 10.10.10.2)
Oct 23 11:23:40 googleauth.py freeRADIUS: Google Authenticator - Authentication successful for user: admin -
So no one has any ideas on this? Why isn't pfSense passing the authentication to the py script like the other logins?
-
https://forum.pfsense.org/index.php?topic=139142.0
-
So no one has any ideas on this? Why isn't pfSense passing the authentication to the py script like the other logins?
Check the link above this post, auth is successful now.
(Also, check the RADIUS server entry under System > User Manager, Authentication Servers tab. It must be set to PAP.)
