Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Change Authentication Server from CLI

    General pfSense Questions
    3
    5
    259
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • O
      onetwo
      last edited by

      Hello,

      I'm looking for the solution to change Authentication Server for WUI to Local Database (actually configured FreeRadius) from CLI.

      I tried to find related conf in/conf/config.xml, but i don't know where to change.

      I would like to avoid to restore conf.
      Thank you.

      GertjanG 1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan @onetwo
        last edited by Gertjan

        @onetwo

        Edit the config ?! remember, this is pfSense : everything is stored in one file.

        Go SSH or console, option 8 and then :

        viconfig

        Before you use this command, and depending on when you were born, take note : your dealing with 'vi' here. For those who remember wordstar or edlin : it's worse.

        With the / command you should search for : authserver
        Then, when on the first line (see below), the command dd will delete a line.
        Ditch the entire :

        b5cb4944-ee41-4cc8-8bc9-cca45ea5330e-image.png

        section.
        Don't mess with the 'xml' formatting.
        Quit vi with ESC : w q

        The advantage of using this command is that the config will get reloaded after quitting vi (I think).

        Did I mention that you should make a copy of the config before you make things worse ? ^^

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        O 1 Reply Last reply Reply Quote 0
        • O
          onetwo @Gertjan
          last edited by

          Thank you @Gertjan, but i have the same entry on 2 different Pfsense so i don't think that change may be done in this section..

          Pfsense A: (Authentication Server: Local Database)

          	<authserver>
		<refid>6124f7114286c</refid>
		<type>radius</type>
		<name>Local FreeRADIUS</name>
		<radius_protocol>PAP</radius_protocol>
		<host>127.0.0.1</host>
		<radius_nasip_attribute>wan</radius_nasip_attribute>
		<radius_secret>XXXXXXXXXXXXXXX</radius_secret>
		<radius_timeout>5</radius_timeout>
		<radius_auth_port>1812</radius_auth_port>
		<radius_acct_port>1813</radius_acct_port>
	</authserver>

          Pfsense B: (Authentication Server: FreeRadius)

          	<authserver>
		<refid>6124f7114286c</refid>
		<type>radius</type>
		<name>Local FreeRADIUS</name>
		<radius_protocol>PAP</radius_protocol>
		<host>127.0.0.1</host>
		<radius_nasip_attribute>wan</radius_nasip_attribute>
		<radius_secret>XXXXXXXXXXXXXXX</radius_secret>
		<radius_timeout>5</radius_timeout>
		<radius_auth_port>1812</radius_auth_port>
		<radius_acct_port>1813</radius_acct_port>
	</authserver>
          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            Authentication for what? That's just where the external servers are configured. For the GUI that's set by the authmode tag:

            			<authmode>Local Radius</authmode>
			<authmode>Local Database</authmode>
            O 1 Reply Last reply Reply Quote 1
            • O
              onetwo @stephenw10
              last edited by

              @stephenw10 said in Change Authentication Server from CLI:

              authmode

              I mens authentification to WUI.. Perfect, i was exactly looking fot that...
              Thank you!

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.