Project

General

Profile

Actions

Bug #8897

closed

RADIUS WebUI login with RADIUS does not work

Added by Peter Baumann about 3 years ago. Updated about 3 years ago.

Status:
Not a Bug
Priority:
Normal
Assignee:
-
Category:
Web Interface
Target version:
-
Start date:
09/14/2018
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
Affected Architecture:

Description

Hi all,
I setup FreeRADIUS as a RADIUS server and try to login to the WebUI then.
It is not working since the returned Class attribute is send as a octet format and not a string format.
According to this it seems to be standard: http://freeradius.1045715.n5.nabble.com/Treating-octets-as-string-td3359645.html

I checked the code in /etc/inc/auth.inc but there it takes the group assignments from a string value.

A great idea would it be to make it configurable which custom RADIUS attribute should be used as a group value or fix to get the value in Class attribute when it is sent as octet.


Files

auth_test_pfSense_RADIUS.png (49.9 KB) auth_test_pfSense_RADIUS.png Peter Baumann, 09/16/2018 07:51 AM
Actions #1

Updated by Jim Pingle about 3 years ago

  • Status changed from New to Not a Bug

RADIUS auth works fine when configured correctly. The subject is incorrect, or at least misleading. It works with the FreeRADIUS package on pfSense. There is no bug here.

Actions #3

Updated by Jim Pingle about 3 years ago

Tested it again here and it works.

User in FreeRADIUS has:

Class := "admins;VPNUsers" 

Same groups are defined on the firewall, and show when testing authentication.

Take this discussion to the forum to discuss why your configuration is not working as you expect. There is no bug here.

Actions

Also available in: Atom PDF