Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsense + External RADIUS (Caveats?)

    Scheduled Pinned Locked Moved General pfSense Questions
    3 Posts 2 Posters 574 Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ArmstrongA Offline
      Armstrong
      last edited by

      Hi,

      I was hoping to have Radius authentication using RCDevs WebADM. I can't seem to get the authentication to succeed using PAP or CHAP, though when I try with MS-CHAP the logs in WebADM state "LDAP password not provided". I assume this is due to the fact that it cannot read the Microsoft CHAP encryption. This still suggests they are talking though, but with PAP and CHAP I get zero logs at all for WebADM. WebADM is configured correctly as I can authenticate from elsewhere.

      Looking at the packet capture I can see Access-Reject (3) followed by id: 0x91 and an Authenticator string.

      I was mainly wondering how Pfsense is best set up with an external RADIUS server, if there is anything to consider (LDAP user groups?), and common fixes. I also don't understand what the NAS-IP-ATTRIBUTE is, and how it relates to WAN or LAN. Any help would be appreciated.

      1 Reply Last reply Reply Quote 0
      • ArmstrongA Offline
        Armstrong
        last edited by

        Strangely enough, it works fine with the testing client in opt/radiusd/conf/clients.conf but not when trying to actually use the real configuration.

        Does anyone know how to implement in that configuration?

        1 Reply Last reply Reply Quote 0
        • stephenw10S Offline
          stephenw10 Netgate Administrator
          last edited by stephenw10

          What are you trying to authenticate against it exactly? Users logging into pfSense? VPN usesrs?

          I'm unfamiliar with RCDevs WebADM but after quickly searching I can't see anything Radius related only LDAP. You have a link to any documentation?

          EDIT: This?
          https://www.rcdevs.com/docs/howtos/pfsense/pfsense/

          Steve

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.