Project

General

Profile

Actions

Feature #3686

closed

Distinguish services when sending authentication request to RADIUS server

Added by Jocelyn Viau over 10 years ago. Updated about 6 years ago.

Status:
Resolved
Priority:
Normal
Category:
User Manager / Privileges
Target version:
Start date:
05/30/2014
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:

Description

I use RADIUS for authenticating users on different services on pfSense: Captive Portal, multiple OpenVPN servers, Web UI, etc. Each service would require different user access policies, as I do not want a VPN user to also be able to open the pfSense web UI.

At the moment (pfSense 2.1.3), I have not found any way to tell the RADIUS server which service the user is trying to connect to on pfSense and, therefore, apply a distinct policy on the RADIUS system for each service.

For example, it would be nice to be able to configure the content of the NAS-ID attribute for each service:
- ovpns1
- ovpns2
- captive portal
- pfsense webui
- ...

Actions

Also available in: Atom PDF