Pfsense Captive portal MSRadius AD Authentication

Serdar Bayram1 Eylül 2015

0 7.805 2 dakika okuma süresi

Pfsense Captive portal MSRadius AD Authentication 1

pfsense_radius server
Hi friends MS Radius server with our present-day issues on the portal Captive pfSense acted in active directory user or group will provide a web output power.
What we’re going operations;

PfSense Captive Portal configuration
Radius Server 2012 on the server installation and configuration
Captive portal Radius Server integration.

The scheme will be made as follows of friends here.

First we build our RADIUS server, I use my machine for the ADR process only 2 Role in the machine …

Server 2012 Radius Server Installation

1-)
First we choose the Add Roles and ftur u our screen server manager.

captive_radius_01

captive_radius_02 captive_radius_03

Select the Network Policy and Access Services option we load our sever the Radius server service. captive_radius_04

captive_radius_05 captive_radius_06 captive_radius_07

Install complete your installation saying.
captive_radius_08
Yes, now we will be ready to configure RADIUS server.
2-) Radius Client a right click on them first and then we configure our Radius client.
captive_radius_09
Here I give a name for the Radius Client (this name is important because the zone name will create a captive portal on pfSense have to be the same) Address section I’m going to pfSense machine’s IP address.
In the lower section I set a security password and record saying I’m OK.

captive_radius_10

3-) Polices –>We come to the department and we are creating a new network rule saying.

captive_radius_11

We continue to give a name to our Rule.
captive_radius_12
I choose the place add diyer will make the Radius server authentication On this page I want here Active directory in which all domain users with the emergence of the internet, but you know authorize selecting here in any group you specify.
captive_radius_13
captive_radius_14
Our rule will permit a transition rule “Access Granted” We continue with the option.
captive_radius_15

captive_radius_16

captive_radius_17
Encryption section of “No encryption” We remove the check mark from the box.
captive_radius_18
Finish saying we complete our rule.
captive_radius_19

Here I leave them off because I work with the standard rules.

captive_radius_20

4-) On Pfsense Servers–>Captive portal–>New Zone saying, but here we are creating a new zone zone name in the name you give to the RADIUS server must be the same name you gave to the Radius client !!

captive_radius_21

Captive Portal Enable Network I choose whether I apply.

captive_radius_22

After Authentication URL Redirect: If you want the option to be automatically redirected after authentication can enter the site name.

captive_radius_23

Primary Authentication section
We choose the authentication method MSCHAPv2.
IP Address: enter the address of the server that I found my RADIUS server.
Port: Here you can enter idle to as 1812.

Shared secret: we have created a security key in this section Radius server

captive_radius_24

How do I choose the LAN network up my rope Radius attribute section. captive_radius_25

Yes my friends now configure all the settings that we now have on our users will no longer encounter with AD captive portal screen where they want to go to the internet and be able to provide their AD user name and password by entering the exit to the internet.

captive_radius_26