Setting up FreeRADIUS on pfSense with Google LDAP and integrating with UniFi Controller
-
Hi all,
I'm trying to set up the FreeRADIUS package on pfSense and link it with Google LDAP for user authentication. After that, I need to integrate the FreeRADIUS server with a UniFi Controller.
However, I’m stuck with the error message:
I've tried troubleshooting, but I can't seem to find where the issue is. Does anyone have a good step-by-step guide for setting this up, or any tips on resolving this error?
Any help or guidance would be greatly appreciated!
Thanks in advance!
-
The error :
"(0) -: Expected Access-Accept, got Access-Reject". -
The configuration will follow shortly.
-
Google Admin:
- Go to Apps --> LDAP
- Click Add Client
- Give it a name and a discription
- Access permissions
-
Verify user credentials = Entire domain -
Read User information = Entire domain + System attributes -
Read group information = ON - Download the generated google certificate
- Generate new credentials en save it (User + Password)
- Set the Service status = ON
pfSense:
- Add Certificates
- Go to System --> Certificates --> Certificates
- Click +Add
- Give it a name and paste the contents of the certificate and private key
- Install FreeRadius
- Login
- Go to System --> Package Manager
- Search for freeradius and click on install
- Wait while the installation of pfSense-pkg-freeradius3 completes.
- Config FreeRadius
- Go to Services --> FreeRADIUS
- Go to interfaces
- Click +add en make the follow interfaces
- Go to LDAP and fill in the things
-
So what's working? What isn't working?
-
@stephenw10 when i do a radtest i get always the result "(0) -: Expected Access-Accept, got Access-Reject".
-
First, in the GUI, stop FreeRadius.
Then, in a first console access, you run
radiusd -XThen, in the second (use SSH ?!) start our radtest :
@laurens-DS said in Setting up FreeRADIUS on pfSense with Google LDAP and integrating with UniFi Controller:
when i do a radtest
In the first console, with the Radius debug log output, you can see the reason.
