Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [freeradius]

FreeRADIUS is an open source RADIUS server

FreeRADIUS is an open source RADIUS (Remote Authentication Dial-In User Service) server. It implements AAA: Authentication, Authorization, and Accounting. It is very flexible and has many modules. It supports many backend databases such MySQL, PostgreSQL or Redis for retrieving/saving AAA data.

Official website.

261 questions
1
vote
1 answer

Safe alternatives to using iptables redirection for database

We are using MySQL for our FreeRADIUS user store and accounting database for our web application. I would like to separate the accounting portion of the database, move it to a new server to lighten the database reads and rights, among other…
notmyname
  • 142
  • 6
1
vote
1 answer

Requiring 802.1x login before allowing access to network resources

I have a ZyXel GS2200-24 managed switch, and a free-radius server running on Ubuntu 11.10. Radius is configured and when I log into the switch the authentication goes through Radius. Now, I'm trying to ensure that access to web resources (as an…
Calvin Froedge
  • 538
  • 1
  • 6
  • 16
1
vote
0 answers

Debian 6.0.3, Freeradius 2.1.10, PostgreSQL 8.4 High memory Usage

We are running a Freeradius server on a VMware server and we have a high memory usage that I am trying to troubleshoot. We are running the PostgreSQL 8.4 as the database backend on the same server for the radius server. This issue has…
drivard
  • 407
  • 1
  • 6
  • 17
1
vote
1 answer

Monitor freeradius for failed login attempts and trigger email to user

We have 2 freeradius authentication servers which service around 12k users. Users often enter incorrect credentials and this causes significant strain on the helpdesk. I'd like to write a script to monitor the radius logs for authentication failures…
Michelle
  • 913
  • 5
  • 20
  • 30
1
vote
1 answer

Where can I find the users file for FreeRADIUS in Ubuntu?

I'm using Ubuntu 10.10. I'm trying to learn how to configure a RADIUS server, but I'm having trouble with creating new users to authenticate. Almost all of the tutorials I've found online mention creating users in the users file, yet I can't find it…
Only Bolivian Here
  • 147
  • 1
  • 3
  • 8
1
vote
1 answer

Can freeradius bypass authentication for one realm only?

I have a question similar to this one, but without the VLAN complications. How can(?) I configure FreeRadius 1.x to allow any combination of username/password for one realm only? If FreeRadius 1.x does not provide this ability, does the 2.x line do…
Joe
  • 1,765
  • 15
  • 23
1
vote
2 answers

FreeRADIUS / Active Directory / Computer Authentication

I'm looking for an easy way to turn: User-Name = "host/DESKTOP-F6E023D.msad.domain.net" to the following: Stripped-User-Name := DESKTOP-F6E023D$ realm := msad.domain.net In my virtual server configuration, I've accomplished this using unlang with…
another_netadmin
  • 83
  • 7
1
vote
1 answer

FreeRADIUS & PrivacyIDEA Authentication

I am using PrivacyIDEA's implementation of FreeRADIUS to send authentication requests to PrivacyIDEA. However, I'd like to locally authenticate a specific user if the request comes in. I've modified the users file to include the user and user…
ProfessionalDummy
  • 11
  • 1
1
vote
1 answer

Freeradius with dhcp server: Calls to perl module returns error

This is a continuation of my previous question in sending static routes from Freeradius DHCP server implementation in combination with Strongswan VPN server. When debugging Freeradius using tcpdump and Wireshark I found out that I can send classless…
Lasse Michael Mølgaard
  • 704
  • 7
  • 24
1
vote
1 answer

FreeRadius with mixed CAs

Is it possible to run FreeRadius (version 3.0.13) with two different CAs? So that I have a server certificate from one CA and the client certificates come from a different CA? Our current setup in /etc/raddb/mods-enabled/eap looks a bit like…
Thomas
  • 145
  • 1
  • 5
1
vote
1 answer

Freeradius: Authenticate users on certain condition

There is a network where users are using PPPoE to establish connections to the Access servers. We have lost the billing system and users' DB. The only condition that we know is that 'Valid credential should be credential where username and password…
Vasil German
  • 11
  • 2
1
vote
0 answers

Disassociated WLAN (Disassociated due to inactivity)

I am reading the logs provided by an access point I have broadcasting an 802.11i (WPA) LAN network running with a radius authentication method, and the log returns the following two messages: Aug 31 10:09:54 10.100.1.78 CONN-LOGIN_INFO: [WLAN-1]…
user3105
  • 11
  • 5
1
vote
0 answers

Freeradius doesn't start when CoS user attributes are configured

I have a problem with a POC, I tried use Freeradius for authentication purpose and assign attributes for users of a broadband network (PPPoE). When I configure the user with this parameters I can connect the PPPoE client in the network and the…
Pablo Xavier
  • 11
  • 3
1
vote
0 answers

FreeRADIUS cannot bind to FreeIPA

I have installed FreeRADIUS and FreeIPA on the same machine running Fedora 33. IPA is working as expected and can have clients join and authenticate. LDAP command line tools (ldapsearch, ldapmodify) can successfully bind to the server both locally…
Pontus
  • 11
  • 2
1
vote
1 answer

Strongswan central authentication for already exisint users in database

I have read a lot about authenticating Strongswan to SQL/PAM but can't find any idea/solution how to authenticate against a database where already there are a plenty of username and password combination encrypted with bcrypt+salt. I don't know the…
csib
  • 13
  • 2
1 2 3
17 18