To authenticate AD users through pfSense (VPN), I'll have to connect AD with pfSense.
First step – I created an AD group and a user that will be the service account (pfsense). I already have users that I'll test with.
Next step – pfSense: System | User Manager | Authentication Servers tab | +Add
Enter a Descriptive name | under Type choose LDAP | IP address – enter your Domain Controller IP | Port should be 389, Transport TCP
The important fields on the next screen are the Base DN, which should be something like DC=yourdomainname,DC=local (or whatever you choose).
Authentication containers – an example is shown in the screenshot. Basically, you need to enter your users' organizational unit here.
Both values can be found with ADSI Edit.
Bind credentials – enter the username and password of the user you created at the beginning (mine is pfsense).
When you are done – Save
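
Before saving, the values from the steps above can be sanity-checked outside pfSense. The following is an added example, not part of the original post: it parses the Base DN and the authentication container, treats a container that does not sit under the Base DN as a typo (an assumption of this example), and builds an ldapsearch command that repeats the bind and user lookup on port 389. The IP address, the OU name, the bind DN and the test user are constructed sample values, and the function names are hypothetical.

```python
import shlex

def split_dn(dn):
    """Split a DN into lower-cased (attribute, value) RDNs; an escaped comma stays in the value."""
    parts, cur, i = [], "", 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):   # escaped character: keep the pair together
            cur, i = cur + dn[i:i + 2], i + 2
        elif dn[i] == ",":                      # unescaped comma ends the RDN
            parts, cur, i = parts + [cur], "", i + 1
        else:
            cur, i = cur + dn[i], i + 1
    rdns = []
    for part in parts + [cur]:
        attr, sep, value = part.strip().partition("=")
        if not (sep and attr.strip() and value.strip()):
            raise ValueError(f"malformed RDN {part!r} in {dn!r}")
        rdns.append((attr.strip().lower(), value.strip().lower()))
    return rdns

def container_under_base(container_dn, base_dn):
    """True if the container is the Base DN itself or sits below it."""
    c, b = split_dn(container_dn), split_dn(base_dn)
    return len(c) >= len(b) and c[len(c) - len(b):] == b

def ldapsearch_cmd(dc_ip, bind_dn, base_dn, container_dn, test_user):
    """Build an ldapsearch command that repeats the bind and user lookup from a shell."""
    if not container_under_base(container_dn, base_dn):
        raise ValueError("authentication container is not under the Base DN")
    if not test_user or any(ch in test_user for ch in "*()\\\0"):
        raise ValueError("test user contains LDAP filter metacharacters")
    args = ["ldapsearch", "-x", "-H", f"ldap://{dc_ip}:389",  # port 389, TCP, as above
            "-D", bind_dn, "-W",              # -W prompts for the bind password
            "-b", container_dn, "-s", "sub",
            f"(sAMAccountName={test_user})", "1.1"]  # 1.1 = return only the entry DN
    return " ".join(shlex.quote(a) for a in args)

if __name__ == "__main__":
    # Constructed sample values; replace with the ones read from ADSI Edit.
    print(ldapsearch_cmd("192.0.2.10", "CN=pfsense,CN=Users,DC=yourdomainname,DC=local",
                         "DC=yourdomainname,DC=local",
                         "OU=VPN Users,DC=yourdomainname,DC=local", "testuser"))
```

If the printed command returns the test user's DN after the password prompt, the same Base DN, container and bind account should work in the pfSense form.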