[Samba] Q: Samba AD, Pfsense, Windows 10, vpn

Alexander Harm alexander.harm at apfel-q.de
Mon Mar 16 08:02:48 UTC 2020


I only have some experience with OPNsense but maybe you can relate:

- In my case it was always the certificate. 
- I had to add the cert to the system certs using CLI. Adding them in the WebGUI was not enough.
- Port 636 did not work for me, only 389 using STARTTLS

Hope that helps...
On 16. March 2020 at 08:13:50, Stefan G. Weichinger via samba (samba at lists.samba.org) wrote:

Am 15.03.20 um 10:46 schrieb Christian Naumer via samba:  
>  
>  
>> Am 15.03.2020 um 08:21 schrieb Sérgio Basto via samba <samba at lists.samba.org>:  
>>  
>> On Sat, 2020-03-14 at 07:43 -0700, gabben via samba wrote:  
>>> Your pfSense firewall has OpenVPN built into it already, and you can  
>>> point pfSense authentication back to your samba AD. We support over  
>>> 400 users in this model. The configuration file for OpenVPN is common  
>>> to all users, and they authenticate with their AD credentials.  
>>  
>> can you give some example of configuration file for OpenVPN ? and more  
>> about howto ?  
>  
> Hello,  
> We also use this. The Documentation is very good:  
> https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/index.html  

I also have that running at a customer.  

Now with the new corona issues in austria I have to set that up for at  
least 2 other sites as well ...  


Unfortunately the pfsense GUI isn't very intuitive or helpful with  
connecting to AD:  

"Could not connect to the LDAP server" means everything from DNS to  
wrong user to missing client cert etc  


--  
To unsubscribe from this list go to the following URL and read the  
instructions: https://lists.samba.org/mailman/options/samba  


More information about the samba mailing list