Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Source address for Authentication (like Radius)

    Scheduled Pinned Locked Moved webGUI
    4 Posts 3 Posters 2.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      paklids
      last edited by

      Is there a way to set the source address or interface that pfsense uses for Radius calls?

      My instance of 2.1-RC0 is defaulting to source from the WAN address and I'd need it to source from the LAN address to make it to my Radius server.

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        Are you using RADIUS from the user manager, or from captive portal, or something else?

        I thought one place let you set the source, but it typically will take the closest IP along the route to the server. If it needs to leave VIA the LAN IP, you may need a static route to nudge it the right way, sort of like what is described here: http://doc.pfsense.org/index.php/Why_can%27t_I_query_SNMP,_use_syslog,_NTP,_or_other_services_initiated_by_the_firewall_itself_over_IPsec_VPN%3F

        Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • D
          doktornotor Banned
          last edited by

          In my experience, you should use IP and not FQDN for the RADIUS server.

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            @doktornotor:

            In my experience, you should use IP and not FQDN for the RADIUS server.

            That can definitely help if it's internal, for RADIUS (LDAP depends on the settings in use, FQDN is needed for SSL in most cases).

            If you're using an FQDN you can check the DNS result seen by the firewall under Diag > DNS. It could be getting an external IP there rather than internal if you have a split DNS setup.

            Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.