[Samba] Q: Samba AD, Pfsense, Windows 10, vpn

Alexander Harm alexander.harm at apfel-q.de
Mon Mar 16 08:02:48 UTC 2020

I only have some experience with OPNsense but maybe you can relate:

- In my case it was always the certificate. 
- I had to add the cert to the system certs using CLI. Adding them in the WebGUI was not enough.
- Port 636 did not work for me, only 389 using STARTTLS

Hope that helps...
On 16. March 2020 at 08:13:50, Stefan G. Weichinger via samba (samba at lists.samba.org) wrote:

Am 15.03.20 um 10:46 schrieb Christian Naumer via samba:  
>> Am 15.03.2020 um 08:21 schrieb Sérgio Basto via samba <samba at lists.samba.org>:  
>> On Sat, 2020-03-14 at 07:43 -0700, gabben via samba wrote:  
>>> Your pfSense firewall has OpenVPN built into it already, and you can  
>>> point pfSense authentication back to your samba AD. We support over  
>>> 400 users in this model. The configuration file for OpenVPN is common  
>>> to all users, and they authenticate with their AD credentials.  
>> can you give some example of configuration file for OpenVPN ? and more  
>> about howto ?  
> Hello,  
> We also use this. The Documentation is very good:  
> https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/index.html  

I also have that running at a customer.  

Now with the new corona issues in austria I have to set that up for at  
least 2 other sites as well ...  

Unfortunately the pfsense GUI isn't very intuitive or helpful with  
connecting to AD:  

"Could not connect to the LDAP server" means everything from DNS to  
wrong user to missing client cert etc  

To unsubscribe from this list go to the following URL and read the  
instructions: https://lists.samba.org/mailman/options/samba  

More information about the samba mailing list