• I was wondering if the Captive Portal could authenticate to a FreeRADIUS server that is installed on the same box, or if it has to be an external RADIUS server.

    Any help is appreciated!

  • Either should work.

  • Any info on how to make that work?

    I tried the basic idea, installed the package and such and made users,  the passphrase and then entered the correct information into the CP side…

  • Don't know, never tried it. Theoretically it should work.

  • I tried that once some time ago and it just worked. I think you had to use the LAN IP of the pfSense as the IP of the radiusserver. for example didn't work iirc.

  • I'm a noob when it comes to this so I had trouble setting up the internal Freeradius server too.  But I got it working by doing the following which I cut and pasted and mangled from another thread I found.  What was getting me was I didn't set up my client, just had the server running and added users - gotta have that client configured too…lol.

    1.  Install the latest pfSense snapshot.
    2.  Install the FreeRADIUS package (not available on the embedded platform).
    3.  Go to Services/Captive Portal and enable RADIUS Authentication.
    4.  Configure your Primary Radius Server IP Address = LAN port IP on pfSense box.
    5.  Configure Shared Secret = your secret word.
    6.  Click SAVE - very important or your settings won't take.
    7.  Go to the Services/FreeRADIUS, select the Client Tab, then configure your client.
        Client IP = LAN port IP on pfSense box, Shared Secret = your secret word that you entered above on line 5.
    8.  Again, click SAVE after your client is configured.
    9.  Click the Users Tab and add your usernames/passwords to FreeRADIUS.
    10. Did I mention, click SAVE after each user is added.

    Okay, you should be good to go at this point.

Log in to reply