• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Multiple authentication servers defined, pfSense using wrong one for login test?

Scheduled Pinned Locked Moved General pfSense Questions
2 Posts 2 Posters 1.1k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • N
    NickTheSloth
    last edited by Feb 17, 2018, 12:15 AM

    We have two authentication servers defined on one of our installations - one LDAP and one RADIUS. The RADIUS is used for OpenVPN, and we need to use the LDAP server for authentication to the web GUI. They are different AD environments so using one for both isn't going to work.

    When we go to select the LDAP server for authentication and hit 'save and test', it always tries to connect and bind to the address of the RADIUS server, and thus fails. The logs are also showing failures if we try to login ignoring the test result.

    This seems like a bug - unless I'm missing something? This installation is on 2.4.2, and the same LDAP configuration works on another setup that doesn't have the RADIUS server also added (I can't unfortunately add it to that setup to try replicating the issue).

    1 Reply Last reply Reply Quote 0
    • P
      phil.davis
      last edited by Feb 17, 2018, 11:43 AM

      It is a bug, when something other than the first entry in the list is selected:

      Bug reported: https://redmine.pfsense.org/issues/8338
      Proposed fix: https://github.com/pfsense/pfsense/pull/3907

      actually it is just reporting the wrong host name/IP in the testing messages. Actually the code seems to be testing the correct entry.

      As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
      If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

      1 Reply Last reply Reply Quote 0
      1 out of 2
      • First post
        1/2
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
        This community forum collects and processes your personal information.
        consent.not_received