• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Change radius Protocol from PAP to MS-CHAPv2

Scheduled Pinned Locked Moved General pfSense Questions
3 Posts 3 Posters 258 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • M
    markdudov
    last edited by May 27, 2024, 10:14 PM

    Hello guys,

    I followed this guide to enable pfSense 2FA at login.

    https://www.comparitech.com/blog/vpn-privacy/pfsense-two-factor-authentication/

    But there is something I don't like. As you can see PAP is used as Radius Protocol and not MS-CHAPv2

    923b2886-cb41-49ac-9722-0214d3e9d4e6-image.png

    I tried changing it to MS-CHAPv2, but as soon as I change the protocol and go to the diagnostics -> authentication section to check if everything is ok, the authentication no longer works. If I change it back to PAP then authentication succeeds and if I change it back to CHAPv2 then authentication fails.

    What needs to be changed throughout the configuration so that once the Radius Protocol MS-CHAPv2 is selected, it will authenticate successfully.

    I would be very grateful if someone could look at the configuration from the link at the beginning and tell me what the problem might be and how I could solve it.

    Thanks for your time. I appreciate it!

    K 1 Reply Last reply May 28, 2024, 8:07 PM Reply Quote 0
    • S
      stephenw10 Netgate Administrator
      last edited by May 28, 2024, 1:26 PM

      Why are you trying to change it? That traffic is only between internal services on localhos,t it never leaves the firewall.

      1 Reply Last reply Reply Quote 0
      • K
        keyser Rebel Alliance @markdudov
        last edited by May 28, 2024, 8:07 PM

        @markdudov I dont think freeradius on pfSense supports Chapv2 unless its EAP encapsulated.

        Love the no fuss of using the official appliances :-)

        1 Reply Last reply Reply Quote 1
        3 out of 3
        • First post
          3/3
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
          This community forum collects and processes your personal information.
          consent.not_received