Questions tagged [radius]

Remote Authentication Dial In User Service (RADIUS) is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for computers to connect and use a network service.

RADIUS is a client/server protocol that runs in the application layer, using UDP as transport. The Remote Access Server, the Virtual Private Network server, the Network switch with port-based authentication, and the Network Access Server (NAS), are all gateways that control access to the network, and all have a RADIUS client component that communicates with the RADIUS server. The RADIUS server is usually a background process running on a UNIX or Microsoft Windows server.[3] RADIUS serves three functions:

to authenticate users or devices before granting them access to a network
to authorize those users or devices for certain network services and
to account for usage of those services.

Source: wikipedia

339 questions

votes

5 answers

Setting up RADIUS + LDAP for WPA2 on Ubuntu

I'm setting up a wireless network for ~150 users. In short, I'm looking for a guide to set RADIUS server to authenticate WPA2 against a LDAP. On Ubuntu. I got a working LDAP, but as it is not in production use, it can very easily be adapted to…

asked Jul 29 '09 at 22:51

Morten Siebuhr

votes

7 answers

Why would you use EAP-TTLS instead of PEAP?

As I understood EAP-TTLS and PEAP share same level of security when implemented in wireless networks. Both only provide server side authentication via certificate. The drawback of EAP-TTLS can be non native support in Microsoft Windows so every…

security wifi radius peap

asked Jan 12 '12 at 15:44

Ivan Macek

votes

2 answers

Beginners questions on how RADIUS and WiFi authentication works

I am a network admin at a high school in South Africa, running on a Microsoft network. We have approximately 150 PCs around the campus, of which at least 130 are wired to the network. The remaining are staff laptops. All IP addresses are assigned…

wifi radius captive-portal

asked Aug 22 '09 at 12:10

Philip

votes

2 answers

Smart card authentication to a Cisco switch?

We have our Cisco network devices configured to authenticate network administrators using their domain accounts via RADIUS running on a Windows 2008R2 server with the network protection role. This works great for logging into the switch via SSH…

cisco radius smartcard pki

asked Jun 03 '11 at 21:01

murisonc

2,968
2
20
30

votes

4 answers

Authentication via RADIUS : MSCHAPv2 Error 691

I am working on setting up authentication into an Acme Packet Net-Net 3820 (SBC) via RADIUS. The accounting side of things is working just fine with no issues. The authentication side of things is another matter. I can see from a packet capture that…

windows-authentication radius nps

asked Jun 26 '14 at 18:35

New Guy

votes

2 answers

How can I get a Radius server that can authenticate using my Google Apps domain credentials?

We do have a Google Apps domain and we want to configure a Radius server in order to allow people to login to our corporate WiFi or VPN using their corporate credentials (Google Apps). To make the issue even more complex, we already have 2FA enabled…

g-suite radius

asked Jul 12 '16 at 16:30

sorin

7,668
24
75
100

votes

4 answers

Wireless AAA for a small, bandwidth-limited hotel

We (the tech I work with and myself) live in a remote northern town where Internet access is somewhat of a luxury, and bandwidth is quite limited. Here, overage charges ranging from few hundreds, to few thousands of dollars a month, is not uncommon.…

router internet radius pfsense bandwidth-control

asked Feb 17 '10 at 08:08

Anthony Hiscox

votes

1 answer

How do I get as much debugging info as possible out of the Network Policy Server (ias) service?

We are trying to authenticate a client on remote vpn, through a Meraki Z1 teleworker appliance. The Z1 is sending a proper request, the Network Policy Server (ias) service is apparently authenticating the user because our NPS log shows that there…

windows windows-event-log radius nps windows-ias-server

asked Dec 22 '14 at 17:12

Peter Grace

3,446
1
26
42

votes

1 answer

Network Policy Server Granular Time Restrictions

I am configuring NPS as a RADIUS authentication source for my wireless clients. I am trying to differentiate between school hours and after hours as I need to connect certain users to a different network for after hours access to extra resources. I…

radius 802.1 nps

asked Jan 08 '13 at 21:22

Littlejon

votes

1 answer

WPA2 Enterprise without a Client-End Certificate

This question is practically identical to this question, but the difference being that the authentication server is freeRADIUS on Ubuntu and the access-points are DD-WRT. Additionally, I would like to know if there is any risk to disabling TTLS…

authentication wifi radius wpa2

asked Aug 18 '12 at 01:28

Seanny123

votes

3 answers

802.1x automatically validate certificate in windows clients

We're deploying a wireless networking using Windows Server 2008 NAC as a RADIUS server. When Windows XP or 7 clients connect they initally fail to connect. In order to enable the client to connect we have to add the network manually and un-check the…

ssl-certificate certificate wifi radius 802.1

asked Jul 12 '12 at 21:33

Jona

votes

1 answer

Third Party Wildcard Certificates for use with Microsoft NPS / RADIUS / PEAP

I want to replace the SSL certificate that is used for PEAP on our NPS server that is doing RADIUS authentication for our Cisco WLCs. The current certificate is a SSL certificate that does Client Authentication and Server Authentication. We want to…

windows-server-2008-r2 tls radius nps peap

asked Oct 05 '11 at 20:15

MDMarra

100,183
32
195
326

votes

1 answer

Use Azure Active Directory as RADIUS server for VPN gateway?

I'm using Azure Active Directory (Premium, with full MFA). I've set up a VPN gateway and would like users to be able to authenticate to it using their Azure AD username and password (instead of certificates). From everything I read, this should be…

radius azure-active-directory azure-networking

asked Nov 28 '17 at 12:04

Herb Caudill

votes

1 answer

Testing radius server from Mac OS X client

I have a radius server set up on a server running Ubuntu 11.04. I have configured my switch to use the authentication server's IP (192.168.1.2) for RADIUS / 802.1x authentication, and I created a connection to test connecting from my Mac OSX…

networking radius 802.1

asked Nov 23 '11 at 18:05

Calvin Froedge

votes

2 answers

2FA via freeRADIUS, ignoring password

I've been tasked with setting up freeRADIUS to prompt a user for their second authentication factor (eg. Google Authenticator OTP) BUT without first checking the user's password. I'm coming into this completely blind, with no prior RADIUS…

radius freeradius two-factor-authentication

asked Oct 01 '18 at 13:38

Jeedee

2 3

…

22 23 Next