pfsense / freeRADIUS



  • Am I correct in saying that under the interface tabs I only need to have 1 interface for Auth and Accounting? Ie 192.168.1.1 , even though I have a device on a different vlan (vlans are set up proper and I am able to ping across the network). I was under the impression all I would have to do is at the device under NAS/Clients.. ie 192.168.2.100 with the proper shared secret. I am trying to use freeRADIUS with my Unifi AC-PRO but it doesn't want to work. I want to rule out it being a pfsense settings before I go and troubleshoot the AP more.

    Thanks


  • Galactic Empire

    Do a radtest to verify its working:-

    root@unifi:~# radtest -4 andy password 172.16.0.1 1812 ClientSharedSecret
    Sending Access-Request of id 181 to 172.16.0.1 port 1812
    User-Name = "andy"
    User-Password = "password"
    NAS-IP-Address = 127.0.1.1
    NAS-Port = 1812
    Message-Authenticator = 0x00000000000000000000000000000000
    rad_recv: Access-Accept packet from host 172.16.0.1 port 1812, id=181, length=34
    Class = 0x61646d696e73
    Service-Type = Administrative-User
    root@unifi:~#

    https://support.microfocus.com/kb/doc.php?id=7014552

    You could also do a radsniff -x on pfSense.