Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Radius auth broken?

    Scheduled Pinned Locked Moved IPsec
    6 Posts 4 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • O
      opti2k4
      last edited by

      Hi,

      i have installed clean 2.2 (After i had 2.1) and now radius (MS NAP 2008r2) is not working. I don't even see that authentication requests are coming to radius server. Nothing has changed on raidus, and pfsense has same IP.

      Can anyone confirm?

      1 Reply Last reply Reply Quote 0
      • O
        opti2k4
        last edited by

        I did some more testing, if i go to https://1.1.1.1/diag_authentication.php and test raidus there it works and i can see auth request on radius server.

        If i select radius on Mobile clients under Xauth it's being ignored. So yes, it looks like a bug.

        1 Reply Last reply Reply Quote 0
        • O
          opti2k4
          last edited by

          There is a bug here and i don't know how i fixed it. Maybe disable/enable ipsec did it but GUI is bugged. Can you change instead to selecting auth that we get dropdown list?

          1 Reply Last reply Reply Quote 0
          • M
            mikeisfly
            last edited by

            Radius has been a problem for me for a while I want to say since 2.1.x I was told to use LDAP instead, which seem to work well for me. If radius isn't going to be fixed it should probably be taken out of the GUI.

            1 Reply Last reply Reply Quote 0
            • jimpJ
              jimp Rebel Alliance Developer Netgate
              last edited by

              If you're using a hostname for the RADIUS server make sure it only resolves to an IPv4 host. The RADIUS code in libradius, used by PHP, is not IPv6 aware.

              The only time I've seen RADIUS traffic fail to exit the firewall is when it was trying to use IPv6. So if you're using a hostname, try using the IPv4 address directly.

              Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

              Need help fast? Netgate Global Support!

              Do not Chat/PM for help!

              1 Reply Last reply Reply Quote 0
              • E
                eri--
                last edited by

                For radius settings you need to restart ipsec service after configuration.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.