Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [freeradius]

FreeRADIUS is an open source RADIUS server

FreeRADIUS is an open source RADIUS (Remote Authentication Dial-In User Service) server. It implements AAA: Authentication, Authorization, and Accounting. It is very flexible and has many modules. It supports many backend databases such MySQL, PostgreSQL or Redis for retrieving/saving AAA data.

Official website.

261 questions
1
vote
1 answer

Radius and FE80::/16 ignoring client

Why is my freeradius sever ignoring FE80::/16 clients? client.conf: client localhost { ipaddr = 127.0.0.1 < secret = testing123< require_message_authenticator = no nastype = other } client fe80::/16 { secret = testing123-2< …
Chris
  • 25
  • 7
1
vote
1 answer

How can I configure openLDAP to lookup userPassword via FreeRadius?

I am running Ubuntu 12.04 and OpenLDAP 2.4.28-1.1ubuntu4.5. I have users populated in LDAP with userPassword attribute being an {SHA1} hash. Users are able to login over SSH and authenticate to web applications. Now, I'd like to add Radius…
Server Fault
  • 3,454
  • 7
  • 48
  • 88
1
vote
0 answers

freeradius client send only accounting request, not access request

I have freeradius 2.2.6. Only at first connection the client send both access request and accounting request. subsequent connections sends only accouting request! This problem occurs ONLY with sone smartphones (all other device work) however the…
Riccardo Locatelli
  • 21
  • 3
1
vote
0 answers

Same VLAN for LAN only and Internet users on 802.1x network with pfSense as gateway

I am creating an ISP for a student residence. The LAN is already there and working, with several CISCO switches. I want to provide Internet by a secured and automatic way to those who pay for it (monthly). In short future, there also might be an…
qschulz
  • 111
  • 2
1
vote
0 answers

How to set up a simple Cisco ISG config for controlling internet access

First off, here is my config so far. http://pastebin.com/fV2NGCE2 I've gone through a few guides online and the 15.2s manual and the xe3 manual for Cisco's ISG (intelligent services gateway) and understand what I want to obtain from using it, but I…
lukeismighty
  • 11
  • 5
1
vote
1 answer

mod_auth_radius secure over https?

mod_auth_radius README file says: Using static passwords & RADIUS authentication over the web is a BAD IDEA. Everyone can sniff the passwords, as they're sent over the net in the clear. If I serve the page over https, will it be secure then? Or…
Karel
  • 629
  • 9
  • 16
1
vote
2 answers

FreeRADIUS policy to restrict certain users trying to log on a specific device

What I have: freeradius 2.1.10 on debian, configured to use a database. How it works now: There are many devices on the network and users, the users log on devices to configure them and so on. The users can log on to anything. For example some…
Recct
  • 360
  • 1
  • 3
  • 20
1
vote
1 answer

Freeradius TLS cetificate(win 7 and previous)

I'm configuring FreeRADIUS 2.2.6. I use TLS because TTLS is not supported by windows 7. With Windows 8.1 the WiFi connection works very well without installing certificate With Windows 7 and previous the connection doesn't work without…
Riccardo Locatelli
  • 21
  • 3
1
vote
2 answers

Freeradius and self signed-certificate

our current wi-fi infrastructure is based on a Debian box that hosts Freeradius with LDAP backend. Currently we have two 802.1x protected SSIDs, a public and a private network: depending on an LDAP attribute, an user can connect to the first or to…
J.B.
  • 305
  • 7
  • 22
1
vote
1 answer

FreeRadius Accounting not working, bad passwords not cheked

I'm trying to configure a captive portal using a router with OpenWRT+ChilliSpot and an external server with Freeradius and a Web Server. ChilliSpot 1.3.0 My issue right now is that the freeradius server answer OK if the username exists on…
AlvaroAV
  • 151
  • 2
  • 11
1
vote
3 answers

Is there a way to allow all external ip connections (i.e ipv6 as well as ipv4) in FreeRadius?

I need to accept all incoming connections to the FreeRadius server be it ipv6 or ipv4. I know that we can allow all ipv4 clients with: client 0.0.0.0/0 { secret = abcde shortname = xxxx } How to accept all ipv6 addresses as well on the same…
RoshP
  • 21
  • 1
  • 4
1
vote
2 answers

Cisco Aironet AP1260 can't reach FreeRADIUS server

I have a problem with a Cisco Aironet AP1260 standalone access point and a FreeRADIUS server. I'm trying to set up a 802.11x access point with authentication on a FreeRADIUS server. I have set up both AP and server, created a temporal user in…
namikiri
  • 11
  • 5
1
vote
1 answer

FreeRADIUS certificate is going to expired

Recently I've created a RADIUS server (Freeradius) that authenticate with Active Directory. I follow this link to create this server: Now, when I see the "server.cnf" file into /etc/raddb/cert , I just realized that the certification will be…
Debian
  • 51
  • 2
  • 5
1
vote
0 answers

FreeRadius-GoogleAuthenticator-Kerberos Password Change Weirdness

We are using FreeRadius, Kerberos and Google Authenticator to implement two-factor authentication. The two factor auth works fine, both from radtest and from a Watchguard firewall. To log in, a user enters their Kerberos password and concatenates…
DASHbay
  • 11
  • 1
1
vote
0 answers

Authenticate users from Active Directory with UserPrincipalName or Mail with FreeRADIUS

According to this documentation: http://deployingradius.com/documents/configuration/active_directory.html ; FreeRADIUS can authenticate Active Directory users using Samba's ntlm_auth, and in fact it works really well with the MSCHAPv2 protocol. But…
Vinícius Ferrão
  • 5,400
  • 10
  • 52
  • 91
1 2 3
17 18