Radius server
-
Hi friends. I am new in pfsense and I have a problem when I try to established EAP-Radius with PFsense 2.2.6.
The main problem is that for now we used PPTP and we want to move on to 2.3. Now I am testing IKEv2 tunel to replace PPTP.
I'l try with this docs https://doc.pfsense.org/index.php/IKEv2_with_EAP-MSCHAPv2 and there is no problem with EAP-MSCHAPv2.
Our PPTP also work with radius trought pfsense there is no problem with authentication.
But when I setup a new radius trought user manager -> servers, I cant authenticate trought pfsense tool - Authentication - this is result from eventvwr (windows srv 2012 r2)
This is set on network policy IKEv2
This is all that I was tried:
1. Disable completely PPTP (even delete it and restart pfsense) - no effect
2. Change all option in network policy/constraint - no effectI know I'm wrong somewhere but where. If you can please give me an advice. I appreciate it.
Best regards Alek
-
I know it has been a while since this has been posted. PfSense seems to only authenticate in PAP when connecting to a RADIUS.
Personally I think this is a security issue because information (username/password) is send plaintext to/from the RADIUS server.Is there anyway to get PfSense to authenticate through EAP?
-
When using PAP authentication the password field is encrypted with the shared secret so it is only as insecure as your shared secret.