Query pfSense Local User Database using LDAP
-
Hi,
Is it possible to query the pfSense local user database using LDAP ?
I want to make 2FA from a remote RADIUS server, but I need to check the password of the user, that's why I'm wondering about accessing the pfSense local user database using LDAP.
Regards,
Laurent. -
No, the firewall is not an LDAP server.
-
@jimp Thanks for this clear answer.
I'm trying to find a solution in order to do MFA on pfSense with an external RADIUS Server (OTP) and Internal user database (password).
Would it be possible to set up a "two stage" authentification scheme on the pfSense (for SSL VPN authentification for instance), so that first the external RADIUS server is checked (OTP Code) then the internal user database (password) ?
Thanks,
Laurent.
-
Which VPN client are you going to be using.
You can use 2FA / OTP password if you install radius on pfsense.
-
@laurenta said in Query pfSense Local User Database using LDAP:
Would it be possible to set up a "two stage" authentification scheme on the pfSense (for SSL VPN authentification for instance), so that first the external RADIUS server is checked (OTP Code) then the internal user database (password) ?
Not on pfSense itself natively, the RADIUS server itself would have to support that, and there are several that do (e.g. FreeRADIUS can be integrated with mOTP/Google Authenticator and potentially other types).
-
@jimp My problem is that my customers are using pfSense internal user database and from my RADIUS server, there is no way to verify user’s password…