Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    23.01 Radiusd pickup WAN all the time for auth instead of default WAN2 assigned.

    Scheduled Pinned Locked Moved pfSense Packages
    1 Posts 1 Posters 489 Views 1 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D Offline
      dezore
      last edited by

      Hi,

      Some interesting behaviour noticed in system logs,
      We have OpenVPN + 2FA via GoogleAuth implemented in place.
      Default WAN for routing - WAN2, VPN server responds on WAN2, some time ago it was a WAN, and we switched, users and radius setup was done back to the time when WAN was default.

      But now, even if a user connects correctly to the WAN2 channel, I see in the logs:

      Feb 23 14:33:38	radiusd	75758	(11) Login OK: [username] (from client pfsenseclient port XXXX cli AAA.BB.CCC.DD:XXXX)
Feb 23 14:33:37	googleauth.py	76497	freeRADIUS: Google Authenticator - Authentication successful for user: username

      and this IP address is the IP address of WAN.

      Moreover, I have the situation, when 2 units netgate xg71001U with pfsense plus if it matters, were connected simultaneously to the internet, one of them via WAN2, and the second via WAN, they have a mirror setup.
      So the interesting thing, while the users connected to the correct channel WAN2 on unit A,
      unit B received this messages in the system log being connected via WAN.

      I wonder where in the config files this can be adjusted to use the correct interface?

      Thanks.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.