Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [freeradius]

FreeRADIUS is an open source RADIUS server

FreeRADIUS is an open source RADIUS (Remote Authentication Dial-In User Service) server. It implements AAA: Authentication, Authorization, and Accounting. It is very flexible and has many modules. It supports many backend databases such MySQL, PostgreSQL or Redis for retrieving/saving AAA data.

Official website.

261 questions
1
vote
0 answers

Use two Auth-Type in FreeRadius

I have a RADIUS server with works with mysql, I use this RADIUS for AAA for 2 different services, Service1 uses Auth-Type as "PAP" and Service2 uses "EAP" radcheck table +-----+----------+--------------------+----+--------------+ | id | username |…
Varun Taliyan
  • 26
  • 1
  • 7
1
vote
2 answers

TLS keys out of sync? Why does my VPN connection timeout after exactly an hour?

The setup is quite simple. For my home server I use: A server with Pfsense 2.3.4-RELEASE (latest) as OS / firewall An OpenVPN setup (the integrated Pfsense version) as TCP tun (additionally in an useless attempt to solve the issue I added reneg-sec…
Bob Ortiz
  • 442
  • 4
  • 21
1
vote
0 answers

NAS and Freeradius on same machine

I have two routers, let's call it as A and B. The primary idea is to B clients need be authenticated to access internet. The A is connected to the internet. The B is physically connected to A (B WAN interface to A LAN interface). A LAN IP:…
Victor Aurélio
  • 61
  • 5
1
vote
2 answers

ddwrt + Freeradius + LDAP

I am trying to set up an LDAP server for authenticating multiple servers such as ftp and radius (maybe even ssh?) I have a router (ddwrt) which I have been able to authenticate with plaintext passwords in freeradius. Now I want to use an ldap server…
Kevin
  • 213
  • 3
  • 6
1
vote
0 answers

radius authentication -- spiking load ever two hours on the hour

We're using freeradius & winbindd in order to authenticate our EDUROAM Wifi users against the Active Directory domain. This is working like a charm, but we get load-spikes of 30 and more almost every two hours on the hour (during the work hours, at…
Ralf Hildebrandt
  • 489
  • 1
  • 3
  • 11
1
vote
0 answers

FreeRADIUS authentication using Active Directory

I am trying to implement RADIUS authentication using Active Directory. I want requests to RADIUS to be sent to AD server and RADIUS responds according to its result. I've already joined RADIUS server to domain, so I can do ntlm_auth --request-nt-key…
Tatyana
  • 41
  • 4
1
vote
1 answer

FreeRadius authentication issue

Having an odd issue with pptp and freeradiuss on CentOS 6.4 VPSs. I have 1 VPS as the main freeradius server. 2 other VPS are used to connect to via pptp using the remote freeradius to authenticate. 1 VPS is working fine, but the other one is giving…
Ian
  • 29
  • 7
1
vote
2 answers

freeradius, rlm_rest : Failed to Authenticate user

I read : Configuring rlm_rest module in FreeRadius My FreeRadius version is 3.0.11 (git #d667a28) My try is using included demo.pl, just change the port. radtest --> radtest testing testing123 127.0.0.1 1 testing123 I tried some scenario for…
Bino Oetomo
  • 207
  • 3
  • 10
1
vote
1 answer

openvpn radius-plugin does not assign framed-ip-address from freeradius to clients

I am new to openvpn. I have an openvpn setup on ubuntu 14.04 which has a radius AAA backend for authentication, authorization and accounting. In addition to this, we have configured freeradius to assign ips from a pool as framed-ip-address. From…
4_dev
  • 49
  • 1
  • 1
  • 6
1
vote
1 answer

Freeradius / python / package import fail

I'am tring to import an external library into (PyJWT) for a freeradius authorization, but when i run freeradius -X i get this error message. # Instantiating module "python" from file /etc/freeradius/mods-enabled/python mod_init…
Edouard Etancelin
  • 11
  • 3
1
vote
0 answers

MS Active Directory with Google Authenticator

I am currently designing our new internal IT services, including IAM and e-mail. We currently use more or less no IAM or single sign-on solution. We have a WordPress based website, postfix + dovecot based mail server with separate MySQL user…
Mark
  • 63
  • 8
1
vote
1 answer

Windows cannot connect to Enterprise WPA2 WiFi access point with EAP-TTLS PAP authentication using freeradius

I was working on having an Enterprise WiFi access point where my clients need to enter username and password (which are in OpenLDAP directory), using AES, TTLS PAP. I setup my freeradius according to this tutorial:…
Mohammed Noureldin
  • 491
  • 1
  • 9
  • 24
1
vote
0 answers

how to configure freeradius for separate Code and Password prompts, instead of a single Password prompt?

I've got a Freeradius server set up where the users in /etc/freeradius/users have Auth-Type := PAM. This makes radius refer to the /etc/pam.d/radiusd file, and in this file I have auth requisite pam_google_authenticator.so forward_pass auth…
Michael Martinez
  • 2,543
  • 3
  • 20
  • 31
1
vote
0 answers

Can a FreeRadius presenting a SHA1 certificate accept SHA2 client certificates and validate them against a CA that accepts SHA1 and SHA2 certificates?

Can a FreeRadius presenting a SHA1 certificate accept SHA2 client certificates and validate them against a CA that accepts SHA1 and SHA2 certificates? Another option would be that the FreeRadius validates SHA1 signed certificates against one CA and…
Eloy Roldán Paredes
  • 123
  • 6
1
vote
1 answer

With freeradius and PEAP-MSCHAP, how does one limit connectivity to a single group?

I feel like jumping up and down after I got FreeRadius, samba winbind, XCA w/ ECDSA certs, Active Directory, and Ubiquiti Unifi all talking together. Next problem, any valid account in ActiveDirectory will currently authenticate. How do I limit this…
Jonathan S. Fisher
  • 434
  • 4
  • 18
1 2 3
17 18