Problems with ipsec vpn with radius authentication

  • Greetings,

    I'm trying to set up pfSense for VPN using an external freeRadius server.  The problem I am having is that when Radius Rejects the user, pfSense still allows the inbound vpn connection to get established.

    Here is an excerpt from the pfSense log:
      Dec 5 12:57:36 charon: 04[MGR] IKE_SA con1[38] successfully checked out
      Dec 5 12:57:37 charon: user 'fred' could not authenticate.
      Dec 5 12:57:37 charon: 04[IKE] <con1|38>XAuth-SCRIPT succeeded for user 'fred'.
      Dec 5 12:57:37 charon: 04[IKE] XAuth-SCRIPT succeeded for user 'fred'.

    And a line from Radius:
      (1) Sent Access-Reject Id 191 from to length 20

    I am using the latest version of pfSense 2.2 beta as well as the latest beta of freeradius…


  • A fix was pushed for this that will come with new snaps and RC.

  • Great.  Thanks!!

Log in to reply