PFsense + Radius for authoritzation for VM



  • Hi Guys,

    TL;TR: Can pfsense handle authorizing between users and VMs through a Radius server?

    In my architecture I have Pfsense as firewall with uses Radius to handle AAA. Then in the LAN I've several machines. Each user connect through a VPN remote access, then they ask permission to connect to a VM using a web form (which can grant or deny the access). The first idea was to handle the authorization (the "book" a VM concept) using the same Radius server used for authentication, but seems that this is not possible with pfsense. I think that the only way to do that is creating dynamically FW rules, which is not a good solution because the authentication and the authorization are done and configured in two different places.

    Any idea? There's a better solution or I'm just doing it right?

    Thanks a lot.