    Netgate Discussion Forum

    Query pfSense Local User Database using LDAP

    General pfSense Questions
    • laurenta last edited by

      Hi,

      Is it possible to query the pfSense local user database using LDAP?

      I want to make 2FA from a remote RADIUS server, but I need to check the password of the user, that's why I'm wondering about accessing the pfSense local user database using LDAP.

      Regards,
      Laurent.

      • jimp Rebel Alliance Developer Netgate last edited by

        No, the firewall is not an LDAP server.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        • laurenta @jimp last edited by

          @jimp Thanks for this clear answer.

          I'm trying to find a solution in order to do MFA on pfSense with an external RADIUS Server (OTP) and Internal user database (password).

          Would it be possible to set up a "two stage" authentication scheme on the pfSense (for SSL VPN authentication for instance), so that first the external RADIUS server is checked (OTP Code) then the internal user database (password)?

          Thanks,

          Laurent.

          • Saqqara @laurenta last edited by

            Which VPN client are you going to be using?

            You can use 2FA / OTP password if you install RADIUS on pfSense.

            • jimp Rebel Alliance Developer Netgate @laurenta last edited by

              @laurenta said in Query pfSense Local User Database using LDAP:

              Would it be possible to set up a "two stage" authentication scheme on the pfSense (for SSL VPN authentication for instance), so that first the external RADIUS server is checked (OTP Code) then the internal user database (password)?

              Not on pfSense itself natively. The RADIUS server itself would have to support that, and there are several that do (e.g. FreeRADIUS can be integrated with mOTP/Google Authenticator and potentially other types).

              • laurenta @jimp last edited by

                @jimp My problem is that my customers are using pfSense internal user database and from my RADIUS server, there is no way to verify user’s password…
