Ubiquiti UniFi Access Point - WPA2/WPA3 Enterprise w/ FreeRADIUS on pfSense

WOW! that was quick. Thank you very much. Best and probably the only one I have seen.

jaypines

thanks so much!! best tutorial on setting up freeradius with pfsense and my ruckus AP

villainpriest

Great tutorial! Thank you. I just have a problem because only 1 of the 4 APs added in the “NAS / Clients” list can connect using RADIUS. Do you have any idea what is wrong?

dawid

Great tutorial, the only one on youtube.
I wonder if it would be possible somehow in this configuration (pfsense, unifi) to limit so that the same login could not be used at one time on another device?

arturkruszyna

much appreciated - was wondering how to get a radius profile for windows radius server to auth users on AD !!! .... thank you.

ThePswiegers

Thanks a lot! Are those settings still safe with regard to the Blast-RADIUS attack? Or do we need to configure things differently (e.g. requiring the message authenticator attribute)?

MrK-lq

Great video and very useful and simple explanation.
What is the way to integrate Google SSO authentication with FreeRadius? Thank you in advance!

Vlad_net_

Hi, Greate tutorial, I have the same unifi setup, except I use mikrotik router as the firewall router, and the wifi clients get DHCP address from the Mikrotik via VLAN configured both at the Unifi controller and Mikrotik, I was wondering how I can make this work on that.

TanvirAhmed

nice, but what is solution for android 14 ?

fareedahmedshah

Very Good tutorial my friend ;)
I just do the same thing but on Server 2022 and NPS Radius server.
Connexion is good for all my Windows user. but impossible to connect on mac.
The certificate is not proposed at the connexion, and I Can't even connect to the wifi (with the certificate installed manualy .) Any Idea ?

alexmast

You failed to specify the required encryption algorithms for use with wpa3. If you do not manually specify edcsa 384 septr and higher than 2048 bit clients will simply not connect (and you won’t know why). This will work fine for wpa2, but nothing else…
Edit: I decided to watch your video until the end, and that Mac connecting to the wpa3 network was a fluke (and so, etching that should have not happened). No up to date devices will connect without the security I previously mentioned. Just fyi (and that you may with to try with mobile clients for instance)…

MikeOxlong-

I would love to see a tutorial setting up EAP-TLS (avoiding passwords).. I have been unsuccessful exporting certs to my iphone. It still asks for username/password.

villainpriest

Can I import multiple users to a pfSense for FreeRadius? Or will I need to create user by user?
I didn't find any documentation that helps with this. :/

leosdc_

for client's IP, is it the IP of our Access Point? or can we use 0.0.0.0 for all?

merkava

Can i use PfSense IP for Client IP Address? It's safe?

leosdc_