Project

General

Profile

Bug #8897

RADIUS WebUI login with RADIUS does not work

Added by Peter Baumann about 1 year ago. Updated about 1 year ago.

Status:
Not a Bug
Priority:
Normal
Assignee:
-
Category:
Web Interface
Target version:
-
Start date:
09/14/2018
Due date:
% Done:

0%

Estimated time:
Affected Version:
Affected Architecture:

Description

Hi all,
I setup FreeRADIUS as a RADIUS server and try to login to the WebUI then.
It is not working since the returned Class attribute is send as a octet format and not a string format.
According to this it seems to be standard: http://freeradius.1045715.n5.nabble.com/Treating-octets-as-string-td3359645.html

I checked the code in /etc/inc/auth.inc but there it takes the group assignments from a string value.

A great idea would it be to make it configurable which custom RADIUS attribute should be used as a group value or fix to get the value in Class attribute when it is sent as octet.

auth_test_pfSense_RADIUS.png (49.9 KB) auth_test_pfSense_RADIUS.png Peter Baumann, 09/16/2018 07:51 AM

History

#1 Updated by Jim Pingle about 1 year ago

  • Status changed from New to Not a Bug

RADIUS auth works fine when configured correctly. The subject is incorrect, or at least misleading. It works with the FreeRADIUS package on pfSense. There is no bug here.

#3 Updated by Jim Pingle about 1 year ago

Tested it again here and it works.

User in FreeRADIUS has:

Class := "admins;VPNUsers" 

Same groups are defined on the firewall, and show when testing authentication.

Take this discussion to the forum to discuss why your configuration is not working as you expect. There is no bug here.

Also available in: Atom PDF