[SOLVED] TROUBLE TO THE IMPLEMENT VPN-RADIUS



  • Hi, anybody help me i have implemented pfsense vpn-roadwarrior but now i want to have this but with radius; i have a windows 2008R2 with Active Directory and RADIUS, but when i try joind a user created with openvpn client, i execute the file .exe i put the username and password but appear me the next:

    Mon Sep 21 20:05:54 2015 Warning: cryptapicert used, setting maximum TLS version to 1.1.
    Mon Sep 21 20:05:54 2015 OpenVPN 2.3.8 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Aug  4 2015
    Mon Sep 21 20:05:54 2015 library versions: OpenSSL 1.0.1p 9 Jul 2015, LZO 2.08
    Enter Management Password:

    Please anybody tell me why this error? in the openvpn server i have radius authentication but also i have that install active directory? any documentation please?


  • LAYER 8 Global Moderator

    "error=unsupported certificate purpose"

    Looks like your using the wrong cert if you ask me..  There have been quite a few of these threads of late.  Did you use the wizard to setup the openvpn server - this makes it impossible to mess up the certs.  If you created cert in CA you prob created a user cert vs server cert.

    edit: Have you looked at this doc?
    https://doc.pfsense.org/index.php/Using_OpenVPN_With_FreeRADIUS

    I looked over the doc and looks pretty straight forward.  I think your issue is you have the wrong certs.  Are you saying everything worked find just using tls auth or or user auth, and or tls+user auth and your only getting this unsupported cert error when you switch using radius?



  • Thanks, this work, thanks for you help


Log in to reply