Pfsense 2FA failed on Freeradius



  • I have implemented 2FA authentication process on pfsense in order to grant access for VPN users. But recently authentication has failed due to the following reason.

    (3) googleauth: ERROR: Program returned code (1) and output ''
    (3) [googleauth] = reject
    (3) } # Auth-Type GOOGLEAUTH = reject
    (3) Failed to authenticate the user
    (3) Using Post-Auth-Type Reject
    (3) # Executing group from file /usr/local/etc/raddb/sites-enabled/default
    (3) Post-Auth-Type REJECT {
    (3) attr_filter.access_reject: EXPAND %{User-Name}
    (3) attr_filter.access_reject: --> sam
    (3) attr_filter.access_reject: Matched entry DEFAULT at line 11
    (3) [attr_filter.access_reject] = updated
    (3) [eap] = noop
    (3) policy remove_reply_message_if_eap {
    (3) if (&reply:EAP-Message && &reply:Reply-Message) {
    (3) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE
    (3) else {
    (3) [noop] = noop
    (3) } # else = noop
    (3) } # policy remove_reply_message_if_eap = noop
    (3) } # Post-Auth-Type REJECT = updated
    (3) EXPAND %{reply:Acct-Output-Octets}
    (3) -->
    (3) Login incorrect (Failed retrieving values required to evaluate condition): [sam] (from client RadServer port 0)
    (3) Delaying response for 1.000000 seconds

    I have run the "radtest" and local user authentication is granted but when it comes to google auth it failed. Even I did uninstall and configure it again but gives the same error. Note: pfsense runs on hyperv server as a VM. I did try on the laptop its perfectly working fine. Then I installed the same pfsense box on the server then again it failed. Any possible reason behind it as I couldn't rectify yet.


Log in to reply