Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [freeradius]

FreeRADIUS is an open source RADIUS server

FreeRADIUS is an open source RADIUS (Remote Authentication Dial-In User Service) server. It implements AAA: Authentication, Authorization, and Accounting. It is very flexible and has many modules. It supports many backend databases such MySQL, PostgreSQL or Redis for retrieving/saving AAA data.

Official website.

261 questions
1
vote
1 answer

Using python in FreeRADIUS

There seems to be documentation lacking on how to use the python module in FreeRADIUS. I want to use python to interpret a MAC address (in %{Calling-Station-ID}) and return an IP address. In my sites-enabled/default I have: accounting…
AWippler
  • 1,055
  • 1
  • 12
  • 32
1
vote
1 answer

FreeRADIUS mschap

Following this guide, I am trying to set up FreeRADIUS to authenticate against Active Directory. I can get an Access-Accept message when I send the password in plaintext (using the DEFAULT Auth-Type = ntlm_auth method); however, I want to use…
AWippler
  • 1,055
  • 1
  • 12
  • 32
1
vote
2 answers

Point of Shared Secrets on RADIUS Servers over a Cisco Switch

I was wondering what the point of Shared Secrets are on RADIUS servers if I set the secret in the Cisco switch configuration. If the supplicant wanting to be authenticated does not have to know it, what is the point? Thanks
Alex
  • 11
  • 3
1
vote
0 answers

Can't run freeradius as a service

I have a radiusd server on a virtual machine, it's already configured and working when I issue "radiusd -X" aka debug mode. My only issue is that when I try to run it as a service it fails... Here's the error I got in the logs, "Sat Jun 28 17:51:12…
Bryce Tichit
  • 11
  • 3
1
vote
1 answer

FreeRadius MSCHAP Authentication With Realm Fails

I have FreeRadius 2.0 server with AD as user store. Authenticating using EAP-PEAP-MSCHAP2.Local realm is defined in proxy.conf. Authentications works fine without realm added to the username. As soon as I authenticate using username with realm, i.e.…
Gazel
  • 293
  • 1
  • 4
  • 9
1
vote
1 answer

Authentication to Squid proxy with a RADIUS-authenticated client

I want to set up a wireless environment where WPA2-Enterprise is used for authentication to a FreeRADIUS server (using EAP-TTLS or PEAP), and the wireless client is seamlessly routed through and authenticated to a Squid proxy. I can get the…
Robin McCorkell
  • 273
  • 1
  • 10
1
vote
1 answer

l2tp/pptp + freeradius (accounting information only gets updated on disconnect)

I have a basic PPTP/L2TP setup that uses a remote freeradius server with mysql. Issue is that when a user gets connected to the vpn and as long as the user stays connected (could be hours), no accounting data is updated (bandwidth usage). Only on…
miso
  • 11
  • 2
1
vote
2 answers

How to limit user's access to a specific NAS?

I'm new to RADIUS and I have just set up a very basic FreeRADIUS server for 802.1x (WPA). I use EAP, MySQL as backend with daloRADIUS as webGUI (for user management, mainly). I got two WiFi networks, one private network and a guest network. Now I…
Compizfox
  • 375
  • 1
  • 6
  • 17
1
vote
0 answers

Checking Statement of Health (NAP) info on Linux using Dhcp and Radius

I have a Linux DHCP server and windows clients. I want my DHCP server to assign an IP address from a network let's say 10.6.3.0/255.255.255.128 if the client has it's firewall enabled or an IP address from a different network if the client has it's…
Alptugay
  • 211
  • 3
  • 8
1
vote
1 answer

Replacing a Freeradius library

I have a freeradius 2.0.4 server i want to update.it has been running without interruption for 2 years. My update consists only in updating the chap module without creating a new one. To avoid discontinuity of service and be sure that all configs…
yco
  • 113
  • 2
1
vote
1 answer

freeradius server adding additional check

I successfully managed to deploy a freeradius server and created a python script which does an additional check on the user (incoming request). I checked the internet (resources for freeradius are pretty horrible) and only found a thread which…
Romeo Mihalcea
  • 502
  • 1
  • 6
  • 24
1
vote
1 answer

Cisco 3750 switch wont transmit radius request to server

We have a radius server running on our lan and i am able to authenticate against it through direct link to the server. However when we want our clients to connect through our switch (cisco 3750 Version 12.2(55)SE7) no request is received by our…
timmeyh
  • 958
  • 1
  • 6
  • 25
1
vote
1 answer

possible? radius server with active directory users and google authentication

We currently have an old RSA token - Radius environment we want to replace Would this architecture be possible? (this works, there are examples on the internet) Linux server Google Authentication Fee radius server Now the new part: User list would…
hoberion
  • 231
  • 2
  • 15
1
vote
0 answers

FreeRadius external authenification script

I am trying to configure FreeRadius to work with my external authentification script. I have a custom module exec myscript { wait = yes shell_escape = yes program = "/path/to/myscript %{Stripped-User-Name}…
h9lpq0u
  • 111
  • 2
1
vote
2 answers

About radiusclient command

I have installed freeradius server 2.1.12 and freeradius client 1.1.6 on different virtual machine (redhat linux) ,and tested the server using radtest which is running . I have set up the connection between client and server and tested the…
Harman
  • 11
  • 1
  • 2
1 2 3
17 18