Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [freeradius]

FreeRADIUS is an open source RADIUS server

FreeRADIUS is an open source RADIUS (Remote Authentication Dial-In User Service) server. It implements AAA: Authentication, Authorization, and Accounting. It is very flexible and has many modules. It supports many backend databases such MySQL, PostgreSQL or Redis for retrieving/saving AAA data.

Official website.

261 questions
1
vote
0 answers

WPA2-EAP MSCHAP-V2 NTLM_AUTH and SQL auth

Good morning, I've running an instance of freeradius 3.0 to use WPA2-Enterprise authentication on my wireless lan. The authentication aggainst the AD works like a charm using ntlm_auth, but now I'm trying to authenticate the users being not in the…
maxulm
  • 11
  • 1
1
vote
1 answer

FreeRadius doesn't log request in Debug mode

Sorry, Radius newbie here … I try to get a FreeRadius server version 3.0.20 as packaged by NixOS running to authenticate users on a dlink access point. I'm running the server with debug logging enabled. I started with the default configuration and…
Matthias Wimmer
  • 128
  • 6
0
votes
1 answer

Strange FreeRadius and Kerberos issue

Currently I am trying to get my FreeRadius server to talk to my FreeIPA server and through some Googling I discovered I need to have FreeRadius talk to Kerberos in order to do user look ups. So I make a Krb5 file located at…
Adam
  • 3
  • 1
0
votes
1 answer

How to configure FreeRADIUS with EAP-TLS and group-based authorization?

I configured FreeRADIUS to use EAP-TLS for certificate based authentication (self-signed certificates). Authentication works fine, except that I'd like to add group-based authorization. More specifically, I need to use the Class attribute to be sent…
j3141592653589793238
  • 75
  • 8
0
votes
1 answer

How to configure FreeRADIUS for use with strongSwan group selection?

Building a VPN service with strongSwan, I need to distinguish between several groups of users where each group is assigned a certain subnet with certain permissions (i.e. "group x" has access only to a specific part of the local subnet, e.g.…
j3141592653589793238
  • 75
  • 8
0
votes
1 answer

Requesting access to a Radius server after having requested a previous (succeful) access to another Radius server

I don't know if this idea is non-sense but I was wondering if it was possible. I have a FreeRadius server backed by a LDAP server with uses EAP-TTLS (that is, username+password) to authenticate. So when users connect to a 802.1x switch, they are…
Osqui
  • 135
  • 8
0
votes
1 answer

Freeradius 3.0.12 doesn't send any data through mysql

After upgrading from v 2.x, freeradius stopped working for me. I have done multiple tshooting steps which led me to believe that the application is not sending any data through MySQL, even though it states to do so. So what I've discovered is that…
naven
  • 1
  • 2
0
votes
1 answer

FreeRADIUS setting to reject user without logging

We use FreeRADIUS to authenticate customer PPP sessions. In some instances it is necessary to block customers, when they cease or fail to pay their bills. At the moment we set an incorrect password or lock the account, but this leads to the…
btongeorge
  • 237
  • 1
  • 7
0
votes
1 answer

FreeRADIUS - Use different pipeline for different clients

I currently have a FreeRADIUS setup using EAP-TTLS. I'd like to set it up such that requests coming from localhost use PAP, but that other requests still use EAP-TTLS. How do I select authentication method used on a per-client basis?
Tim Morris
  • 123
  • 3
0
votes
0 answers

StrongSwan, Let’s Encrypt and a FreeRadius Server

i config StrongSwan + with Let’s Encrypt ssl work fine but when i connect it to FreeRadius server i got error in 4 response and client side get error user authentication failed 13[NET] received packet: from 5.212.174.225[4500] to…
SaTaN InSiDe
  • 1
0
votes
1 answer

TOTP / FreeRADIUS on pfsense - Authentication Failed error

I am setting up freeradius on pfsense with the google authenticator option following this guide: https://blog.vonhewitt.com/2017/08/pfsense-openvpn-setup-with-freeradius3p3/ However, when I test the authentication under diagnostics > authentication…
la4l2mhu8k61
  • 1
  • 2
0
votes
1 answer

Why is radtest not working, and returning an error about radclient?

I've installed Free Radius following these steps: sudo apt install freeradius freeradius-config sudo sed -i '1s/^/steve Cleartext-Password := "testing"\n/' /etc/freeradius/3.0/users sudo systemctl stop freeradius.service sudo usermod -a -G ssl-cert…
dǝɥɔS ʇoıןןƎ
  • 143
  • 5
0
votes
1 answer

pam_radius_auth : DEBUG : getservbyname(radius,udp) returned -1217119556 on DEBIAN 9.6

I have two debian servers connected. I set FreeRADIUS on a Debian Server (10.10.10.20). And I'd like the another Debian Server (10.10.10.10) can login locally using the users listed on RADIUS Server. I use libpam-radius-auth. But when I try to login…
Kevin Timotius
  • 1
  • 2
0
votes
1 answer

Mikrotik + Freeradius + Mikrotik-Address-List

I have Mikrotik which works like PPTP server and Freeradius for authentication and authorization. How to assign PPTP user's IP or name in Freeradius (user1 = 10.11.1.145 in my case) with Mikrotik's firewall group? I need all this stuff because…
Newbie21231
  • 1
  • 2
0
votes
1 answer

freeradius mac authentication error (mac address not found?)

So I set up a freeradius 3.0 server on Debian 9 following the official documentation here and here. I have an authorized_mac file with the addresses of my devices and in the file /etc/freeradius/3.0/mods-enabled/files I indicated which file my mac…
user520430
1 2 3
17 18