Netgate Discussion Forum
    FreeRADIUS + LDAP - Cannot authenticate

      mariows

      Hey everyone, I have a pfSense server with FreeRADIUS installed on one machine and an LDAP server on another one, and I would like to make users authenticate on RADIUS using an LDAP database, but I'm not able to make it happen.

      I've made some tests and I noticed the LDAP database is OK. I could make that LDAP database work with Squid Proxy, and users can authenticate using their credentials from the LDAP database. Also, to see if RADIUS is really working, I created a local user and I could authenticate perfectly fine. So, the problem is 100% sure with some configuration between LDAP->RADIUS.

      My current config is:

      ldap {
        #
        #  Note that this needs to match the name in the LDAP
        #  server certificate, if you're using ldaps.
        server = "192.168.4.154"
        port = "389"
        identity = "cn=admin,dc=cecvt,dc=com"
        password = ldap
        basedn = "ou=People,dc=cecvt,dc=com"
        filter = "(posixAccount)(uid=%u))"
        base_filter = "(objectclass=radiusprofile)"

      I already tested the "uid=%u" filter, also the default filter and some others, but still no success. Squid proxy wasn't working; I solved that using the "cn=%s" filter. Tried that on RADIUS, and nothing worked…

      Can someone help me? Please =)

        plasticmandunk

        Hi, did you find a solution? I think that the problem can be the LDAP configuration; if you look at your log you'll see that the bind to the LDAP can't be done. Maybe there is a certificate problem too.

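The `filter` value in the posted `ldap { }` block is not a well-formed LDAP search filter, and a structural check shows this before the string ever reaches the directory server. The Python sketch below is an added example, not part of the original thread or of FreeRADIUS; the helper names and the rewritten filter `(&(objectClass=posixAccount)(uid=%u))` are assumptions about what was intended.

```python
import re

# Simplified RFC 4515 item: attribute, operator, value without raw parentheses.
# Extensible-match items (":dn:=", matching rules) are not covered.
ITEM = re.compile(r"[A-Za-z][A-Za-z0-9.;-]*(=|~=|>=|<=)[^()]*$")

class FilterError(ValueError):
    pass

def _parse(s, i):
    """Parse one parenthesised filter starting at s[i]; return the index after it."""
    if i >= len(s) or s[i] != "(":
        raise FilterError(f"expected '(' at offset {i}")
    i += 1
    if i < len(s) and s[i] in "&|":          # AND / OR: list of sub-filters
        i += 1
        while i < len(s) and s[i] == "(":
            i = _parse(s, i)
    elif i < len(s) and s[i] == "!":         # NOT: exactly one sub-filter
        i = _parse(s, i + 1)
    else:                                    # simple item such as uid=%u
        end = s.find(")", i)
        if end == -1:
            raise FilterError("missing ')'")
        if not ITEM.match(s[i:end]):
            raise FilterError(f"{s[i:end]!r} is not attribute<op>value")
        i = end
    if i >= len(s) or s[i] != ")":
        raise FilterError(f"expected ')' at offset {i}")
    return i + 1

def check_filter(s):
    """Return (True, '') for exactly one well-formed filter, else (False, reason)."""
    try:
        end = _parse(s, 0)
        if end != len(s):
            raise FilterError(f"trailing text at offset {end}: {s[end:]!r}")
    except FilterError as exc:
        return False, str(exc)
    return True, ""

# %u is the placeholder used in the post; it is treated as plain value text here.
POSTED = "(posixAccount)(uid=%u))"                     # filter from the post
CANDIDATE = "(&(objectClass=posixAccount)(uid=%u))"    # assumed intent, not from the thread

if __name__ == "__main__":
    for f in (POSTED, "(uid=%u)", CANDIDATE, "(objectclass=radiusprofile)"):
        print(f, "->", check_filter(f))
```

A filter that passes this check is only syntactically valid; whether it matches any entry still depends on the directory's object classes and attributes.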
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.