Problems with ipsec vpn with radius authentication



  • Greetings,

    I'm trying to set up pfSense for VPN using an external freeRadius server.  The problem I am having is that when Radius Rejects the user, pfSense still allows the inbound vpn connection to get established.

    Here is an excerpt from the pfSense log:
      Dec 5 12:57:36 charon: 04[MGR] IKE_SA con1[38] successfully checked out
      Dec 5 12:57:37 charon: user 'fred' could not authenticate.
      Dec 5 12:57:37 charon: 04[IKE] <con1|38>XAuth-SCRIPT succeeded for user 'fred'.
      Dec 5 12:57:37 charon: 04[IKE] XAuth-SCRIPT succeeded for user 'fred'.

    And a line from Radius:
      (1) Sent Access-Reject Id 191 from 192.168.3.145:1812 to 192.168.3.158:57087 length 20

    I am using the latest version of pfSense 2.2 beta as well as the latest beta of freeradius…

    Thank,
    Pax.</con1|38>



  • A fix was pushed for this that will come with new snaps and RC.



  • Great.  Thanks!!


Log in to reply