PfSense wireless authentication (802.1x) with external Radius server, possible?



  • We are trying to setup FX5620-G with Winstron CM9 as an access point with 802.1x authentication against an external Radius server (freeradius).

    There are no options in the web interface to configure it this way, we've found this topic regarding a possible solution: http://forum.pfsense.org/index.php/topic,974.0.html however we were not able to make this work. Does anyone have a solution that makes pfSense to act as an access point with 802.1x authentication?

    Thanks in advance



  • Does anyone have a clue on this?

    Manually editing hostapd.conf didn't work out, maybe we're missing some options on the file…i think that these settings should be enough (plz correct me if i'm wrong), obviously with custom settings:

    ##### RADIUS client configuration #############################################
    
    # The own IP address of the access point (used as NAS-IP-Address)
    own_ip_addr=127.0.0.1
    
    # Optional NAS-Identifier string for RADIUS messages. When used, this should be
    # a unique to the NAS within the scope of the RADIUS server. For example, a
    # fully qualified domain name can be used here.
    nas_identifier=ap.example.com
    
    # RADIUS authentication server
    auth_server_addr=127.0.0.1
    auth_server_port=1812
    auth_server_shared_secret=secret
    
    # RADIUS accounting server
    acct_server_addr=127.0.0.1
    acct_server_port=1813
    acct_server_shared_secret=secret
    
    

    If these changes worked, they wouldn't be permanent…like said in the linked post, for that we should hardcode /etc/inc/interfaces.inc...what are the var $config["wireless"]["…"] settings to configure the ieee802.1x configs?

    Some advice would be appreciated…Thanks in advance!


Log in to reply