OpenVPN not hitting Radius server



  • I'm setting up a new OpenVPN server on pfSense and am getting stuck. I've done this numerous times before, but I'm getting something wrong this time.
    When I try to log in with known good credentials, I get an AUTH_FAILED message. The pfSense log indicates "No valid RADIUS responses received".
    The OpenVPN Server is configured to use the only RADIUS authentication server I have configured in pfSense. That server points correctly to the IP address on the Windows 2019 server that has NPS configured for RADIUS, with a protocol of PAP.
    The RADIUS Client on the 2019 server correctly points to the IP address of the pfSense box. The shared secrets are the same (I'm now testing with a very simple one) in pfSense as in 2019.
    I have a network policy (first in the list) that includes a group of which I'm a member.
    I have NPS Accounting enabled with everything checked.
    I've disabled Windows Firewall on the server as a test.

    What I think is a very significant clue is that nothing shows up in the NPS log file on the 2019 server. This implies to me that there is an issue with pfSense communicating with NPS on the 2019 server.

    I'm running 2.4.4.p3 on an i5 computer for pfSense. Windows Server is a VM on a different computer. I'm not experiencing any other notable issues on either box.

    Any suggestions as to what I may be doing wrong would be greatly appreciated.



  • I resolved the issues....

    To start with, Windows Firewall was blocking the creation of the log file. When I disabled it, the file was created. What's odd is that I eventually enabled the Firewall and logging continued to work.

    Once there was a log file, I used IASViewer to sort out the log file. It showed me that the error was: "Did not match connection request policy". I checked the policy and found that for "Type of network access server" I had selected "Remote Access Server(VPN-Dial up)". Changing it to "Unspecified" resolved the issue.


Log in to reply