• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Query pfSense Local User Database using LDAP

Scheduled Pinned Locked Moved General pfSense Questions
6 Posts 3 Posters 724 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • L
    laurenta
    last edited by Mar 14, 2023, 10:33 PM

    Hi,

    Is it possible to query the pfSense local user database using LDAP ?

    I want to make 2FA from a remote RADIUS server, but I need to check the password of the user, that's why I'm wondering about accessing the pfSense local user database using LDAP.

    Regards,
    Laurent.

    1 Reply Last reply Reply Quote 0
    • J
      jimp Rebel Alliance Developer Netgate
      last edited by Mar 15, 2023, 4:27 PM

      No, the firewall is not an LDAP server.

      Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

      Need help fast? Netgate Global Support!

      Do not Chat/PM for help!

      L 1 Reply Last reply Mar 17, 2023, 9:25 AM Reply Quote 0
      • L
        laurenta @jimp
        last edited by Mar 17, 2023, 9:25 AM

        @jimp Thanks for this clear answer.

        I'm trying to find a solution in order to do MFA on pfSense with an external RADIUS Server (OTP) and Internal user database (password).

        Would it be possible to set up a "two stage" authentification scheme on the pfSense (for SSL VPN authentification for instance), so that first the external RADIUS server is checked (OTP Code) then the internal user database (password) ?

        Thanks,

        Laurent.

        S J 2 Replies Last reply Mar 17, 2023, 12:03 PM Reply Quote 0
        • S
          Saqqara @laurenta
          last edited by Mar 17, 2023, 12:03 PM

          Which VPN client are you going to be using.

          You can use 2FA / OTP password if you install radius on pfsense.

          1 Reply Last reply Reply Quote 0
          • J
            jimp Rebel Alliance Developer Netgate @laurenta
            last edited by Mar 17, 2023, 12:23 PM

            @laurenta said in Query pfSense Local User Database using LDAP:

            Would it be possible to set up a "two stage" authentification scheme on the pfSense (for SSL VPN authentification for instance), so that first the external RADIUS server is checked (OTP Code) then the internal user database (password) ?

            Not on pfSense itself natively, the RADIUS server itself would have to support that, and there are several that do (e.g. FreeRADIUS can be integrated with mOTP/Google Authenticator and potentially other types).

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            L 1 Reply Last reply Mar 17, 2023, 3:09 PM Reply Quote 0
            • L
              laurenta @jimp
              last edited by Mar 17, 2023, 3:09 PM

              @jimp My problem is that my customers are using pfSense internal user database and from my RADIUS server, there is no way to verify user’s password…

              1 Reply Last reply Reply Quote 0
              6 out of 6
              • First post
                6/6
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                This community forum collects and processes your personal information.
                consent.not_received