Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    When updating to PFSENSE 2.7 CE Stunnel + Ldap Google does not work (Use in captive portal)

    Scheduled Pinned Locked Moved
    Captive Portal
    3
    5
    512
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      paliveira
      last edited by

      Good morning,

      In version 2.6 I had configured captive portal authentication via Ldap Google, it was functional for a long time, however last Friday I upgraded to version 2.7 of Pfsense CE.
      After this event connectivity is impaired. In my view, it connects to google's ldap, but does not make the query.

      Here's how to do the authentication test:

      stunnel[2964]: LOG3[2]: transfer: s_poll_wait: TIMEOUTclose exceeded: closing

      Jul 17 08:31:23 pfSense-XXXX stunnel[2964]: LOG6[2]: TLS connected: previous session reused
      Jul 17 08:31:23 pfSense-XXXX stunnel[2964]: LOG6[2]: Peer certificate not required
      Jul 17 08:31:23 pfSense-XXXX stunnel[2964]: LOG6[2]: SNI: sending servername: ldap.google.com
      Jul 17 08:31:23 pfSense-XXXX stunnel[2964]: LOG5[2]: Service [Stunnel Google] connected remote server from 200.xxx.xxx.253:41423
      Jul 17 08:31:23 pfSense-XXXX stunnel[2964]: LOG5[2]: s_connect: connected 216.239.32.58:636
      Jul 17 08:31:23 pfSense-XXXX stunnel[2964]: LOG6[2]: s_connect: connecting 216.239.32.58:636
      Jul 17 08:31:23 pfSense-XXXX stunnel[2964]: LOG5[2]: Service [Stunnel Google] accepted connection from 127.0.0.1:10561
      Jul 17 08:31:17 pfSense-XXXX check_reload_status[411]: Updating static routes based on hostnames

      When clicking select container it displays this message:

      Could not connect to the LDAP server. Please check the LDAP configuration.

      Configs:
      auth1.png
      auth2.png
      stunnel.png

      If you can help me, I would appreciate it, I didn't want to go back to the previous version.

      Grateful

      Pablo

      GertjanG N 2 Replies Last reply Reply Quote 0
      • GertjanG
        Gertjan @paliveira
        last edited by

        @paliveira

        Your first image :
        1b21aa9e-b0ac-4135-b4a3-fed519209b17-image.png

        read https://docs.netgate.com/pfsense/en/latest/recipes/auth-google-gsuite.html again.
        There is (was ?) a difference between CE (2.4.x) and pfSense Plus, in the past.
        Maybe this isn't the case (with 2.7.0) anymore ?
        Just guessing, not using 'Google' myself.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        P 1 Reply Last reply Reply Quote 1
        • N
          Neverstopdreaming @paliveira
          last edited by

          @paliveira
          in my setup I use:
          339865c0-c1c4-45d0-9ceb-c7a082043420-image.png
          7ea4ff23-469e-4707-b008-5b7be730f65c-image.png
          not sure if it causes your problem but it works for me in 2.7.0 CE

          P 1 Reply Last reply Reply Quote 2
          • P
            paliveira @Neverstopdreaming
            last edited by

            @Neverstopdreaming

            Thanks, with this flag is works. ๐Ÿ‘ ๐Ÿ™‡ ๐Ÿ™‡

            But, i had to create other certificate in google, the old certificate do not had working..

            1 Reply Last reply Reply Quote 0
            • P
              paliveira @Gertjan
              last edited by

              @Gertjan

              Thanks to reply..

              1 Reply Last reply Reply Quote 0
              • P paliveira referenced this topic on
              • First post
                Last post