Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Is this setup secure? OpenVPN via RADIUS on AD2008R2

    Scheduled Pinned Locked Moved OpenVPN
    1 Posts 1 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      Vorkbaard
      last edited by

      Hi, I followed this and this tutorial to have OpenVPN authenticate against Active Directory 2008 R2 through RADIUS. Contrary to what it says in the second howto, I did not check 'Store password using reversible encryption' in AD.

      I can't get OpenVPN to work if I set Server Mode to 'Remote Access ( SSL/TLS + User Auth )' in the OpenVPN Server config in PfSense 2.0.1, but it does work if I choose 'Remote Access ( User Auth )'. I assume that is because the certificates would have to be stored in AD as well, and there are none.

      Under Cryptographic Settings I did check 'Enable authentication of TLS packets'.

      Is this setup secure, in the sense that someone using Wireshark for example would not be able to sniff out the credentials on either side of the tunnel? Or should I really need to use SSL/TLT + User Auth?
      radius.png
      radius.png_thumb

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.