• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

FreeRadius LDAP with GSuite LDAP Help

Scheduled Pinned Locked Moved General pfSense Questions
4 Posts 3 Posters 1.1k Views 3 Watching
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • M Offline
    msa1878
    last edited by Jan 22, 2023, 5:57 AM

    Good evening!

    Reaching out for help once again...

    We use Gsuite for Education with a Pfsense and captive portal and authentication against Gsuite. All working as it should.

    We are needing a radius server for an add-on appliance called EasyNac by Infoexpress for network access control, which requires an Active Directory or a radius server. Since we don't use any AD servers, A radius server will be used instead.

    I have installed Freeradius on the Pfsense, and it is working as designed. I was able to authenticate against a local username on the Pfsense box via radius.

    As of right now, we have the PF captive portal using Stunnel to authenticate through the GSuite LDAP, and it works. I saw somewhere you can bind the FreeRadius to the Stunnel but I can't find instructions for that.

    I cannot get Freeradius to authenticate Gsuite LDAPS. looked all around for direct setup instructions for setting this and I had no luck yet finding anything to help.

    Any suggests?

    N 1 Reply Last reply Jan 22, 2023, 6:14 PM Reply Quote 0
    • N Offline
      NollipfSense @msa1878
      last edited by Jan 22, 2023, 6:14 PM

      @msa1878 said in FreeRadius LDAP with GSuite LDAP Help:

      bind the FreeRadius to the Stunnel

      Did you look at these:

      https://docs.netgate.com/pfsense/en/latest/packages/stunnel.html

      https://docs.netgate.com/pfsense/en/latest/packages/freeradius.html

      pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
      pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

      M 1 Reply Last reply Jan 22, 2023, 6:28 PM Reply Quote 0
      • M Offline
        msa1878 @NollipfSense
        last edited by Jan 22, 2023, 6:28 PM

        @nollipfsense said in FreeRadius LDAP with GSuite LDAP Help:

        https://docs.netgate.com/pfsense/en/latest/packages/stunnel.html

        Yes, I have seen all of these... but I can't find any info on how to bind Freeradius to an already functioning Gsuite Stunnel configuration.

        1 Reply Last reply Reply Quote 0
        • S Offline
          stephenw10 Netgate Administrator
          last edited by stephenw10 Jan 23, 2023, 1:06 AM Jan 23, 2023, 1:05 AM

          Stunnel listens on localhost and forwards requests to dap.google.com so I would expect to point Freeradius at localhost on the appropriate port. As you do for LDAP auth directly:

          https://docs.netgate.com/pfsense/en/latest/recipes/auth-google-gsuite.html#configure-ldap-authentication-on-pfsense-software

          1 Reply Last reply Reply Quote 0
          4 out of 4
          • First post
            4/4
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
            This community forum collects and processes your personal information.
            consent.not_received