Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Radius server on the otherside of a VPN

    Scheduled Pinned Locked Moved General pfSense Questions
    2 Posts 2 Posters 410 Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S Offline
      ssanford
      last edited by

      I have a radius server on the other side of a VPN tunnel and PfSense will not send authentication requests to it. The requests go out the WAN interface. I was able to make it work by adding a static route in the command line with "route add 10.54.12.0/24 192.168.67.1" with 192.168.67.1 being the LAN interface. I wanted to add this as a persistent route but the /etc/rc.conf file looks like this:

      cat /etc/rc.conf
      THIS FILE DOES NOTHING, DO NOT MAKE CONFIG CHANGES HERE

      So is there a place to add the static route in the OS itself or is there a better way to fix this issue?

      stephenw10S 1 Reply Last reply Reply Quote 0
      • stephenw10S Offline
        stephenw10 Netgate Administrator @ssanford
        last edited by

        Assuming it's an IPSec VPN then that's the way to work around it.

        https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/access-firewall-over-ipsec.html#static-route-workaround

        And, yes , in pfSense you should never be manually editing a conf file like that.

        Steve

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.