pfSense, freeRadius, WiFi-AP

faust · June 4, 2019, 5:17am

Heyya!

So, I searched and couldn’t find, so here goes.

I’ve been a long time user of pfSense, learned a few tricks (Thanks Tom!), and recently had to upgrade our WiFi AP unit so I can segment out vlans, use multiple ssid’s and generally secure things down. I bought the TP-Link EAP-245v3 as it was on sale locally for a clearance price, silly store. I have the ssid’s and vlans all working during testing, however, I want to use WPA-Enterprise on one or two ssid’s. I’m officially stumped I think. I installed freeRadius, set it up per Tom’s latest video, as what I originally used only had me with the auth server. I have the AP setup to point to pfSense, with the password set to the client shared. pfSense is setup on the NAS section for the AP IP, and the same client shared pw. User account was created, username and password, cleartext, everything else default. When I try to connect to the ssid, it starts and then drops as if something is wrong. It doesn’t matter which method I use on the mobile client either, leap, pwd, etc.

The only thing I get from the pfSense log is this: Login incorrect (Failed retrieving values required to evaluate condition)

I’m baffled, send help!

Thanks in advance!

LTS_Tom · June 4, 2019, 10:01am

Assuming the password is correct, a guess would be hte WiFi is querying the pfsense improperly. I am not familiar with the TP Link but perhaps it has some documentation about the protocols they use.

faust · June 4, 2019, 11:29pm

I considered that, and TPLink’s documentation is, well, none really. However I would have thought WPA-Enterprise and Radius would be fairly set standards. I read further down the initial tutorial I used, and found the the ‘radtest’ tool. I used it, reset everything to match that documentation, tried it again with the same results. It seems the server isn’t responding, so says the radtest command.? Services show it’s running though. Either I’m thinking too hard here, or something’s broken. I’ll try anything at this point.

I should mention I’ve also been running the pfSense 2.5 Dev Branch, but it’s a home network and the only issue I’ve ever had, has been there since 2.3, and my bug reports go unanswered. Whatever ‘utime’ is for, can eat my shorts.

Error I get: (0) No reply from server for ID 163 socket 3
pfSense 2.5 Dev, build May 24th
freeradius tutorial I originally used