Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pppoe and radius

    Scheduled Pinned Locked Moved 2.0-RC Snapshot Feedback and Problems - RETIRED
    4 Posts 2 Posters 2.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kiwi_rock
      last edited by

      I've tried installing a radius server (WinRadius 2009) to use to authenticate PPPoE users (since the local database update ills all connnections). However WinRadius is moaning saying the password/secret is incorrect.

      Does pfsense send this encrypted or something instead?

      I've also noticed the PPPoE server has reverted to plain text PAP for authentication, will there still be an MSCHAP option?

      1 Reply Last reply Reply Quote 0
      • K
        kiwi_rock
        last edited by

        I'm guessing no to MSCHAP? It only seems to want to use PAP in 2.0 RC2.

        Meaning anyone with a packet sniffer can see others log-on credentials over wi-fi right?

        I've tried the PPPoE server again but I still have pages that die and won't load. For example, www.metservice.co.nz. The page refuses to finish loading.

        Does pfsense not automatically fragment packets from a 1500 ethernet to the 1492 PPPoE client? I tried changing my MTU to 1480 on my routers upstream but it still won't pass www.metservice.co.nz correctly to an end client.

        1 Reply Last reply Reply Quote 0
        • K
          kiwi_rock
          last edited by

          Found my problem, even with ICMP enabled I decided to replace another upstream router with a different brand and problem solved. My entire network is now 1480 to be compatible with XP dialers.

          I'd still like to know though, will MS-CHAP authentication be supported again like it was before 2.0?

          Is there any possibility to enable MPPE on the PPPoE Server in pfsense or in the future? So Wi-Fi access can offer some level of security to each end user on an individual basis? ie: even with WPA on the Wi-Fi side, a clietn can still packet sniff PPPoE traffic of others if they have the network key and are associated.

          1 Reply Last reply Reply Quote 0
          • C
            cmb
            last edited by

            MS-CHAP has never been supported, maybe at some point in the future post-2.0.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.