Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Radius server

    Scheduled Pinned Locked Moved IPsec
    3 Posts 3 Posters 1.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      alekdm
      last edited by

      Hi friends. I am new in pfsense and I have a problem when I try to established EAP-Radius with PFsense 2.2.6.
      The main problem is that for now we used PPTP and we want to move on to 2.3. Now I am testing IKEv2 tunel to replace PPTP.
      I'l try with this docs https://doc.pfsense.org/index.php/IKEv2_with_EAP-MSCHAPv2 and there is no problem with EAP-MSCHAPv2.
      Our PPTP also work with radius trought pfsense there is no problem with authentication.
      But when I setup a new radius trought user manager -> servers, I cant authenticate trought pfsense tool - Authentication - this is result from eventvwr (windows srv 2012 r2)

      This is set on network policy IKEv2

      This is all that I was tried:
      1. Disable completely PPTP (even delete it and restart pfsense) - no effect
      2. Change all option in network policy/constraint - no effect

      I know I'm wrong somewhere but where. If you can please give me an advice. I appreciate it.
      Best regards Alek

      1 Reply Last reply Reply Quote 0
      • T
        tignleu
        last edited by

        I know it has been a while since this has been posted. PfSense seems to only authenticate in PAP when connecting to a RADIUS.
        Personally I think this is a security issue because information (username/password) is send plaintext to/from the RADIUS server.

        Is there anyway to get PfSense to authenticate through EAP?

        1 Reply Last reply Reply Quote 0
        • P
          phillipah
          last edited by

          When using PAP authentication the password field is encrypted with the shared secret so it is only as insecure as your shared secret.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.