Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    FreeRadius LDAP with GSuite LDAP Help

    General pfSense Questions
    3
    4
    964
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • msa1878M
      msa1878
      last edited by

      Good evening!

      Reaching out for help once again...

      We use Gsuite for Education with a Pfsense and captive portal and authentication against Gsuite. All working as it should.

      We are needing a radius server for an add-on appliance called EasyNac by Infoexpress for network access control, which requires an Active Directory or a radius server. Since we don't use any AD servers, A radius server will be used instead.

      I have installed Freeradius on the Pfsense, and it is working as designed. I was able to authenticate against a local username on the Pfsense box via radius.

      As of right now, we have the PF captive portal using Stunnel to authenticate through the GSuite LDAP, and it works. I saw somewhere you can bind the FreeRadius to the Stunnel but I can't find instructions for that.

      I cannot get Freeradius to authenticate Gsuite LDAPS. looked all around for direct setup instructions for setting this and I had no luck yet finding anything to help.

      Any suggests?

      NollipfSenseN 1 Reply Last reply Reply Quote 0
      • NollipfSenseN
        NollipfSense @msa1878
        last edited by

        @msa1878 said in FreeRadius LDAP with GSuite LDAP Help:

        bind the FreeRadius to the Stunnel

        Did you look at these:

        https://docs.netgate.com/pfsense/en/latest/packages/stunnel.html

        https://docs.netgate.com/pfsense/en/latest/packages/freeradius.html

        pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
        pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

        msa1878M 1 Reply Last reply Reply Quote 0
        • msa1878M
          msa1878 @NollipfSense
          last edited by

          @nollipfsense said in FreeRadius LDAP with GSuite LDAP Help:

          https://docs.netgate.com/pfsense/en/latest/packages/stunnel.html

          Yes, I have seen all of these... but I can't find any info on how to bind Freeradius to an already functioning Gsuite Stunnel configuration.

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by stephenw10

            Stunnel listens on localhost and forwards requests to dap.google.com so I would expect to point Freeradius at localhost on the appropriate port. As you do for LDAP auth directly:

            https://docs.netgate.com/pfsense/en/latest/recipes/auth-google-gsuite.html#configure-ldap-authentication-on-pfsense-software

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.