Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
17.7 Legacy Series
»
[solved] Send radius configuration files from an external server.
« previous
next »
Print
Pages:
1
[
2
]
Author
Topic: [solved] Send radius configuration files from an external server. (Read 12414 times)
sens_ible
Newbie
Posts: 22
Karma: 0
Re: Send radius configuration files from an external server.
«
Reply #15 on:
October 11, 2017, 05:38:43 pm »
I have just set up a fresh system. Seems this is a great opportunity to prepare a How-To enable api access from the scratch ;-)
I will open a new thread and when the access to the API problem is solved, I can focus on the RADIUS configuration again.
Thanks for all the support I have received so far.
To be continued ...
Logged
sens_ible
Newbie
Posts: 22
Karma: 0
[solved] Re: Send radius configuration files from an external server.
«
Reply #16 on:
October 12, 2017, 06:49:31 am »
Finally, the api calls work fine.
I will use mimugmails curl statements in a script and so I will be able to do an automatic management of radius subscribers.
Maybe it is worth mentioning the root cause for the problems I encountered before.
I started with the configuration of a WAN interface and I was connected to the appliance via the WAN interface. Even after a fresh install I found myself locked-out unexpectedly again somewhere in the course of configuration.
It seems that upon activation of a LAN interface, the default non-lockout rules (allow incoming port 80 and 443) are automatically removed from the WAN interface and established on the LAN interface. Hence, further login attempts from the WAN interface (and the api calls of course) will fail. After manually adding the rules on the WAN interface again, also the api calls worked as expected.
If someone else can confirm this, maybe one should consider a correction in one of the next versions of OPNsense.
Anyway, thanks a lot for all the support. And after it is working, I really appreciate these api calls. A great tool to manage all aspects of your firewall automatically.
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: [solved] Send radius configuration files from an external server.
«
Reply #17 on:
October 12, 2017, 09:36:54 am »
You shouldn't have anti lockout rules on the WAN. Just create a static rule allowing your external static IP. Then there wont be anything removed when enabling LAN
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
Print
Pages:
1
[
2
]
« previous
next »
OPNsense Forum
»
Archive
»
17.7 Legacy Series
»
[solved] Send radius configuration files from an external server.