OPNsense Forum

English Forums => General Discussion => Topic started by: liner03_brogans on July 13, 2023, 06:30:08 pm

Title: Unable to setup EAP-TLS using FreeRADIUS on OPNSense
Post by: liner03_brogans on July 13, 2023, 06:30:08 pm

hi, I am trying to set up EAP-TLS (802.1x certificate based authentication) on my OPNsense Box. As EAP-TLS uses cert, hence there should be no password. May I ask what should I type in the password box? Thank you~

I use pfsense FreeRADIUS plugin before, and I just leave it blank and it does authenticate users.

Versions OPNsense 23.1.11-amd64, FreeBSD 13.1-RELEASE-p8.

Plugin name: FreeRADIUS , Free Radius version 1.9.22.

screenshot link: https://imgur.com/a/Vt3AHVJ
Thanks all~

Title: Re: Unable to setup EAP-TLS using FreeRADIUS on OPNSense
Post by: mimugmail on July 13, 2023, 08:11:43 pm

You dont need to set users, certificate is enough as you authenticate the device, not the user

Title: Re: Unable to setup EAP-TLS using FreeRADIUS on OPNSense
Post by: liner03_brogans on July 14, 2023, 05:55:39 am

Thank for your reply~ May I ask how to set a vlan for a EAP-TLS  device cert?

Title: Re: Unable to setup EAP-TLS using FreeRADIUS on OPNSense
Post by: mimugmail on July 14, 2023, 09:51:18 am

I think this is not possible via GUI. If you find a guide via CLI which you can reproduce I can have a look to implement it

Title: Re: Unable to setup EAP-TLS using FreeRADIUS on OPNSense
Post by: Josh on December 14, 2023, 07:57:53 pm

Does this mean that it is not currently possible to configure OPNsense for EAP-TLS (802.1x certificate based authentication)?

I'd like to try to move from pfSense to OPNsense but lack of device certificate based 802.1x EAP-TLS authentication is a show stopper for us...  :-\