I am trying to enable authentication thru Radius server set up in Okta.
https://help.okta.com/oie/en-us/content/topics/integrations/okta_radius_app-gen-group-auth.htm
Authentication itself works fine, push request is coming thru, but no groups are being read by OPNsense:
User: tony.tester@test.com authenticated successfully.
This user is a member of these groups:
(no groups)
Attributes received from server:
class => pfsense
pfsense_test is the name of the group in Okta:
Groups Response
Include groups in RADIUS response: yes
When selected, Okta will return user groups to the specified RADIUS attribute. This is used to define access to resources or to define other policies within a RADIUS network.
RADIUS attribute: 25 Class
Group memberships to return: pfsense
Response format: Repeating attributes
Group name format: ${group.name}
On pfsense this works like charm it reads the group membership without any issues with same configuration.
I have tested other radius attribute 11 Filter-ID but no luck
Any ideas?
Group sync is enabled in authentication server