{"id":59890,"date":"2022-03-07T11:00:00","date_gmt":"2022-03-07T16:00:00","guid":{"rendered":"https:\/\/jumpcloud.com\/?p=59890"},"modified":"2024-05-16T10:38:00","modified_gmt":"2024-05-16T14:38:00","slug":"manage-and-secure-remote-access-to-pfsense","status":"publish","type":"post","link":"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense","title":{"rendered":"Manage and Secure Remote Access to pfSense"},"content":{"rendered":"\n<p>Work from anywhere isn\u2019t restricted to employees at small to medium-sized enterprises (SMEs). Many IT teams and managed service providers (MSPs) work in distributed teams, which necessitates securing access to network infrastructure and closely managing user identities. However, these foundational security controls are too often disregarded when internal budgets, or asking a client to spend more for remote access, fail to address the potential security risks.<\/p>\n\n\n\n<p>This article is part of a series of how-tos that demonstrate how to use JumpCloud\u2019s capabilities to achieve better security with minimal costs using a centralized platform that includes everything required to secure access to your network. It has the added bonus of providing single sign-on (SSO) beyond this scenario, delivering identity and access management (IAM) for every service your organization may use, and eliminating managing passwords <em>everywhere<\/em>.<\/p>\n\n\n\n<p>pfSense is a popular open source firewall and router that provides multiple interfaces for external authentication, even <a href=\"https:\/\/jumpcloud.com\/platform\/multi-factor-authentication-mfa\">multi-factor authentication (MFA)<\/a> through RADIUS. The prerequisites to secure access to pfSense using MFA through JumpCloud\u2019s services are:<\/p>\n\n\n\n<ul>\n<li>JumpCloud\u2019s RADIUS services<\/li>\n\n\n\n<li>JumpCloud\u2019s MFA services\n<ul>\n<li>An <a href=\"https:\/\/jumpcloud.com\/blog\/push-notification-mfa-using-jumpcloud-protect\">authenticator app<\/a> that supports Time-based One-time Password (<a href=\"https:\/\/jumpcloud.com\/blog\/totp-mfa\">TOTP<\/a>)<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>JumpCloud\u2019s cloud directory groups, with specific settings outlined below<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Using MFA and RADIUS for Access Control<\/h2>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card note\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/note-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Note:<\/strong> \n<p>Use LDAP if you want to run pfSense in HA mode and <em>CARP<\/em>\u00a0for IP address redundancy (without NAT).<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<p>JumpCloud makes it possible for a RADIUS challenge to incorporate TOTP tokens, using the the JumpCloud Protect\u2122 multi-factor authentication app. User passwords are amended to include a token every time a user logs into the appliance. Users are managed from within JumpCloud\u2019s directory groups, which are bound with a RADIUS configuration that\u2019s specific to pfSense. Our directory determines that every group within that group must be enrolled with MFA services to log into any service that JumpCloud connects them to, including pfSense. A user group account within pfSense determines what level of admin rights are assigned.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Setting Up JumpCloud RADIUS, MFA<\/h3>\n\n\n\n<p>Every JumpCloud account includes RADIUS services, which are <a href=\"https:\/\/support.jumpcloud.com\/support\/s\/article\/JumpCloud-RADIUS-MFA#Connect\" target=\"_blank\" rel=\"noreferrer noopener\">configured<\/a> using the following steps.<\/p>\n\n\n\n<p>To configure RADIUS, MFA for a new server:<\/p>\n\n\n\n<ol>\n<li>Log in to the <a href=\"https:\/\/console.jumpcloud.com\/login\" target=\"_blank\" rel=\"noreferrer noopener\">JumpCloud Admin Portal<\/a>.<\/li>\n\n\n\n<li>Go to User Authentication &gt; RADIUS.<\/li>\n\n\n\n<li>Click ( + ). The new RADIUS server panel appears.<\/li>\n\n\n\n<li>Configure the RADIUS server:<\/li>\n<\/ol>\n\n\n\n<ul>\n<li>Enter a name for the server. This value is arbitrary.<\/li>\n\n\n\n<li>Enter a public IP address from which your organization&#8217;s traffic will originate.\n<ul>\n<li><strong>You must use the external IP for pfSense.<\/strong><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Provide a shared secret. This value is shared with the device or service endpoint you&#8217;re pairing with the RADIUS server.<\/li>\n\n\n\n<li>Next, add RADIUS to the appropriate response values within the \u201cRADIUS Reply Attributes\u201d tab of your user group (or the \u201cgroup\u201d information won\u2019t populate within pfSense). Your group name may be different than the one below:<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"692\" height=\"575\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2022\/05\/1.2-26.png\" alt=\"\" class=\"wp-image-63683\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2022\/05\/1.2-26.png 692w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2022\/05\/1.2-26-300x249.png 300w\" sizes=\"(max-width: 692px) 100vw, 692px\" \/><\/figure>\n\n\n\n<ol start=\"5\">\n<li>Configure TOTP multi-factor authentication for the RADIUS server:<\/li>\n<\/ol>\n\n\n\n<ul>\n<li>\u200bToggle the TOTP MFA Enforcement for this RADIUS server option to \u201cOn\u201d to enable MFA for this server. This option is \u201cOff\u201d by default.<\/li>\n\n\n\n<li>Select \u201cChallenge active TOTP users\u201d to require all JumpCloud users with MFA active for their account to provide a TOTP code when they connect to this server.&nbsp;<\/li>\n\n\n\n<li>Select \u201cChallenge all users,\u201d unless they are in active an enrollment period, to require all JumpCloud users that aren\u2019t in an MFA enrollment period to provide a TOTP code when they connect to this server.<\/li>\n\n\n\n<li>Select \u201cChallenge all users, including during an enrollment period\u201d to require all JumpCloud users, even those in MFA enrollment periods, to provide a TOTP code when they connect to this server.<\/li>\n<\/ul>\n\n\n\n<ol start=\"6\">\n<li>To grant access to the RADIUS server, click the User Groups tab, then select the appropriate groups of users you want to connect to the server. <em>Remember that the groups management interface is where the \u201cRADIUS Reply Attributes\u201d must go.<\/em><\/li>\n<\/ol>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"692\" height=\"475\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2022\/05\/2.2-21.png\" alt=\"\" class=\"wp-image-63684\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2022\/05\/2.2-21.png 692w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2022\/05\/2.2-21-300x206.png 300w\" sizes=\"(max-width: 692px) 100vw, 692px\" \/><\/figure>\n\n\n\n<p>This <a href=\"https:\/\/support.jumpcloud.com\/support\/s\/article\/getting-started-groups\" target=\"_blank\" rel=\"noreferrer noopener\">article<\/a> details how to manage users and groups within JumpCloud.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Configuring pfSense<\/h3>\n\n\n\n<p>You\u2019ll use the information contained in JumpCloud\u2019s RADIUS interface to create a new RADIUS server entry within pfSense, here:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"692\" height=\"430\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2022\/05\/3.2-9.png\" alt=\"\" class=\"wp-image-63685\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2022\/05\/3.2-9.png 692w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2022\/05\/3.2-9-300x186.png 300w\" sizes=\"(max-width: 692px) 100vw, 692px\" \/><\/figure>\n\n\n\n<p><em>Note that JumpCloud only uses port 1812.<\/em><\/p>\n\n\n\n<p>You\u2019ll then enter an arbitrary name for the RADIUS server, one of JumpCloud\u2019s <a href=\"https:\/\/support.jumpcloud.com\/support\/s\/article\/configuring-a-wireless-access-point-wap-vpn-or-router-for-jumpclouds-radius1-2019-08-21-10-36-47\" target=\"_blank\" rel=\"noreferrer noopener\">RADIUS IPs<\/a>, and paste the shared secret where it\u2019s indicated. Importantly, ensure that the password authentication protocol (PAP) is selected as the Authentication Method in order to engage the RADIUS challenge. A TOTP token from JumpCloud MFA, which you can add as an account in an authentication app, is the \u201cresponse\u201d to the challenge that will validate your users.<\/p>\n\n\n\n<p>You will then proceed to create a user group for your remote admins within pfSense, following these steps:&nbsp;<\/p>\n\n\n\n<ul>\n<li>It should have the exact \u201cgroup name\u201d as the administrative group you\u2019re using within JumpCloud.<\/li>\n<\/ul>\n\n\n\n<ul>\n<li>Determine which access rights are appropriate for each user group. You can learn more about pfSense privileges <a href=\"https:\/\/docs.netgate.com\/pfsense\/en\/latest\/usermanager\/privileges.html\" target=\"_blank\" rel=\"noreferrer noopener\">here<\/a>.<\/li>\n\n\n\n<li>Select \u201cRemote\u201d under \u201cScope.\u201d<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"692\" height=\"390\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2022\/05\/4.2-6.png\" alt=\"\" class=\"wp-image-63686\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2022\/05\/4.2-6.png 692w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2022\/05\/4.2-6-300x169.png 300w\" sizes=\"(max-width: 692px) 100vw, 692px\" \/><\/figure>\n\n\n\n<p>You may test connectivity with JumpCloud RADIUS services in the \u201cAuthentication Servers\u201d tab. The name of your group will flow through from JumpCloud if all settings are input correctly.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"692\" height=\"330\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2022\/05\/5.2-2.png\" alt=\"\" class=\"wp-image-63687\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2022\/05\/5.2-2.png 692w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2022\/05\/5.2-2-300x143.png 300w\" sizes=\"(max-width: 692px) 100vw, 692px\" \/><\/figure>\n\n\n\n<p><strong>Note: This approach will only work when you add a TOTP token, following a comma, to your password. For example, \u201cpassword123\u201d becomes \u201cpassword123,tokenstring\u201d. <\/strong>Your logins are now MFA enabled, and pfSense admin users will now be centrally managed from within JumpCloud\u2019s cloud directory.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Recommended Security Steps<\/h2>\n\n\n\n<p>PAP transmits passwords in cleartext. Adding MFA to the authentication process increases security, but we strongly recommend the following steps:<\/p>\n\n\n\n<ul>\n<li>Connect through a VPN using a secure tunnel (SSL or IPSEC).<\/li>\n\n\n\n<li>Consider isolating this traffic through its own <a href=\"https:\/\/jumpcloud.com\/blog\/dynamic-vlan-assignment\">VLAN<\/a> and segment your network away from end-user traffic.<\/li>\n\n\n\n<li>Use the strong shared secret that JumpCloud generates for RADIUS and treat it as you would a password.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Try JumpCloud<\/h2>\n\n\n\n<p>To connect to pfSense securely with JumpCloud, <a href=\"http:\/\/jumpcloud.com\/signup\">sign up for a trial<\/a> of the JumpCloud platform today.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>JumpCloud makes it possible for a RADIUS challenge to incorporate MFA, adding another layer of authentication to pfSense logins.<\/p>\n","protected":false},"author":150,"featured_media":9826,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"categories":[2781,2337],"tags":[2679,2644,2680,2379],"collection":[2779,2775,2780],"platform":[],"funnel_stage":[3014],"coauthors":[2535],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.9 (Yoast SEO v22.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Manage and Secure Remote Access to pfSense - JumpCloud<\/title>\n<meta name=\"description\" content=\"JumpCloud makes it possible for a RADIUS challenge to incorporate MFA, adding another layer of authentication to pfSense logins.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Manage and Secure Remote Access to pfSense\" \/>\n<meta property=\"og:description\" content=\"JumpCloud makes it possible for a RADIUS challenge to incorporate MFA, adding another layer of authentication to pfSense logins.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense\" \/>\n<meta property=\"og:site_name\" content=\"JumpCloud\" \/>\n<meta property=\"article:published_time\" content=\"2022-03-07T16:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-05-16T14:38:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2017\/11\/Firewall-Icon-1.png\" \/>\n\t<meta property=\"og:image:width\" content=\"500\" \/>\n\t<meta property=\"og:image:height\" content=\"500\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"David Worthington\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"David Worthington\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense#article\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense\"},\"author\":{\"name\":\"David Worthington\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/185ca12034835ee50ee17b100abdfb2e\"},\"headline\":\"Manage and Secure Remote Access to pfSense\",\"datePublished\":\"2022-03-07T16:00:00+00:00\",\"dateModified\":\"2024-05-16T14:38:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense\"},\"wordCount\":970,\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2017\/11\/Firewall-Icon-1.png\",\"keywords\":[\"firewalls\",\"networks\",\"pfsense\",\"RADIUS\"],\"articleSection\":[\"How-To\",\"Remote Work\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense\",\"url\":\"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense\",\"name\":\"Manage and Secure Remote Access to pfSense - JumpCloud\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense#primaryimage\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2017\/11\/Firewall-Icon-1.png\",\"datePublished\":\"2022-03-07T16:00:00+00:00\",\"dateModified\":\"2024-05-16T14:38:00+00:00\",\"description\":\"JumpCloud makes it possible for a RADIUS challenge to incorporate MFA, adding another layer of authentication to pfSense logins.\",\"breadcrumb\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense#primaryimage\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2017\/11\/Firewall-Icon-1.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2017\/11\/Firewall-Icon-1.png\",\"width\":500,\"height\":500},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jumpcloud.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Manage and Secure Remote Access to pfSense\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jumpcloud.com\/#website\",\"url\":\"https:\/\/jumpcloud.com\/\",\"name\":\"JumpCloud\",\"description\":\"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.\",\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jumpcloud.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jumpcloud.com\/#organization\",\"name\":\"JumpCloud\",\"url\":\"https:\/\/jumpcloud.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"width\":598,\"height\":101,\"caption\":\"JumpCloud\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/185ca12034835ee50ee17b100abdfb2e\",\"name\":\"David Worthington\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/image\/d9acf1381c6e5b50c0f50d47b7b05411\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/a6dde901b469c9005c22973e42038d62?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/a6dde901b469c9005c22973e42038d62?s=96&d=mm&r=g\",\"caption\":\"David Worthington\"},\"description\":\"I'm the JumpCloud Champion for Product, Security. JumpCloud and Microsoft certified, security analyst, a one-time tech journalist, and former IT director.\",\"sameAs\":[\"https:\/\/jumpcloud.com\/blog\",\"david.worthington@jumpcloud.com\"]}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Manage and Secure Remote Access to pfSense - JumpCloud","description":"JumpCloud makes it possible for a RADIUS challenge to incorporate MFA, adding another layer of authentication to pfSense logins.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense","og_locale":"en_US","og_type":"article","og_title":"Manage and Secure Remote Access to pfSense","og_description":"JumpCloud makes it possible for a RADIUS challenge to incorporate MFA, adding another layer of authentication to pfSense logins.","og_url":"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense","og_site_name":"JumpCloud","article_published_time":"2022-03-07T16:00:00+00:00","article_modified_time":"2024-05-16T14:38:00+00:00","og_image":[{"width":500,"height":500,"url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2017\/11\/Firewall-Icon-1.png","type":"image\/png"}],"author":"David Worthington","twitter_card":"summary_large_image","twitter_misc":{"Written by":"David Worthington","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense#article","isPartOf":{"@id":"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense"},"author":{"name":"David Worthington","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/185ca12034835ee50ee17b100abdfb2e"},"headline":"Manage and Secure Remote Access to pfSense","datePublished":"2022-03-07T16:00:00+00:00","dateModified":"2024-05-16T14:38:00+00:00","mainEntityOfPage":{"@id":"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense"},"wordCount":970,"publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"image":{"@id":"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2017\/11\/Firewall-Icon-1.png","keywords":["firewalls","networks","pfsense","RADIUS"],"articleSection":["How-To","Remote Work"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense","url":"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense","name":"Manage and Secure Remote Access to pfSense - JumpCloud","isPartOf":{"@id":"https:\/\/jumpcloud.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense#primaryimage"},"image":{"@id":"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2017\/11\/Firewall-Icon-1.png","datePublished":"2022-03-07T16:00:00+00:00","dateModified":"2024-05-16T14:38:00+00:00","description":"JumpCloud makes it possible for a RADIUS challenge to incorporate MFA, adding another layer of authentication to pfSense logins.","breadcrumb":{"@id":"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense#primaryimage","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2017\/11\/Firewall-Icon-1.png","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2017\/11\/Firewall-Icon-1.png","width":500,"height":500},{"@type":"BreadcrumbList","@id":"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-pfsense#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jumpcloud.com\/"},{"@type":"ListItem","position":2,"name":"Manage and Secure Remote Access to pfSense"}]},{"@type":"WebSite","@id":"https:\/\/jumpcloud.com\/#website","url":"https:\/\/jumpcloud.com\/","name":"JumpCloud","description":"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.","publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jumpcloud.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jumpcloud.com\/#organization","name":"JumpCloud","url":"https:\/\/jumpcloud.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","width":598,"height":101,"caption":"JumpCloud"},"image":{"@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/185ca12034835ee50ee17b100abdfb2e","name":"David Worthington","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/image\/d9acf1381c6e5b50c0f50d47b7b05411","url":"https:\/\/secure.gravatar.com\/avatar\/a6dde901b469c9005c22973e42038d62?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/a6dde901b469c9005c22973e42038d62?s=96&d=mm&r=g","caption":"David Worthington"},"description":"I'm the JumpCloud Champion for Product, Security. JumpCloud and Microsoft certified, security analyst, a one-time tech journalist, and former IT director.","sameAs":["https:\/\/jumpcloud.com\/blog","david.worthington@jumpcloud.com"]}]}},"_links":{"self":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/59890"}],"collection":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/users\/150"}],"replies":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/comments?post=59890"}],"version-history":[{"count":3,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/59890\/revisions"}],"predecessor-version":[{"id":110402,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/59890\/revisions\/110402"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media\/9826"}],"wp:attachment":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media?parent=59890"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/categories?post=59890"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/tags?post=59890"},{"taxonomy":"collection","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/collection?post=59890"},{"taxonomy":"platform","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/platform?post=59890"},{"taxonomy":"funnel_stage","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/funnel_stage?post=59890"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/coauthors?post=59890"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}