Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [freeradius]

FreeRADIUS is an open source RADIUS server

FreeRADIUS is an open source RADIUS (Remote Authentication Dial-In User Service) server. It implements AAA: Authentication, Authorization, and Accounting. It is very flexible and has many modules. It supports many backend databases such MySQL, PostgreSQL or Redis for retrieving/saving AAA data.

Official website.

275 questions
3
votes
2 answers

freeradius two factor without factor concatenation

I have a cisco router providing an SSL VPN server which is talking to freeradius, which in turn uses pam and two pam modules (sss & yubico) to provide two factor authentication for the VPN. All is good in the world and it does work, except that for…
Sirex
  • 5,499
  • 2
  • 33
  • 54
3
votes
2 answers

TLS from Radius for Wifi is rejected by Win7

We do have the following Setup at our company Synology RS812+ hosting LDAP, RADIUS, DNS (Version DSM 5.0-4458 Update 2) 2*Cisco Wifi APs WAP561 (Firmware 1.0.3.4) Cisco Router ISA500 (Firmware 1.2.19) What we want to have is basically authenticate…
pfried
  • 83
  • 1
  • 10
3
votes
1 answer

FreeRadius Server: RadGroupReply attribute for maximum connected users?

I have a FreeRadius server and I'd like to set a limitation for the number of users connected to a specific NAS. My current set up is that every user that connects to a certain NAS is added to the Radius User Group that is attached to that NAS.…
Kix Panganiban
  • 31
  • 2
3
votes
1 answer

Howto change the default radius logging path for accounting?

I have freeradius 2.1.12+dfsg-1.2 working and logging accounting packets to /var/log/freeradius/radacct/detail-20130401. However I need to tail the log and I want to ideally tail a single log file and manage the logs with logrotate. What do I change…
hendry
  • 677
  • 2
  • 10
  • 23
3
votes
1 answer

Debian build the freeradius package with unixodbc support

Here is what I am trying to achieve, we want to install freeradius using a Microsoft SQL backend. I read on the internet that we need to achieve this goal using the unixodbc driver. I am able to set up the unixodbc driver from apt-get and if I…
drivard
  • 407
  • 1
  • 6
  • 18
3
votes
1 answer

Reload Freeradius clients without restart the service

Is there a way to reload the Freeradius clients configuration without restarting the service? I'm using: Ubuntu Server 12 Freeradius 2.1.10 MySQL v5.5.20 (I'm storing the clients in the "nas" table)
PachinSV
  • 193
  • 1
  • 1
  • 9
3
votes
2 answers

Freeradius authentication failed for unknown reason

I followed this instruction to force freeradius to use mysql database. and run freeradius in debug mod. but it rejects all authentication. mysql database : mysql> select * from radcheck; +----+----------+-----------+----+---------+ | id | username |…
Moein Hosseini
  • 241
  • 3
  • 6
  • 13
3
votes
1 answer

Auth-Type :- Reject in RADIUS users file matches inner tunnel request but sends Access-Accept

I have WPA2 802.11x EAP authentication setup using FreeRADIUS 2.1.8 on Ubuntu 10.04.4 talking to OpenLDAP, and can successfully authenticate using PEAP/MSCHAPv2, TTLS/MSCHAPv2 and TTLS/PAP (both via the AP and using eapol_test). I am now trying to…
mgorven
  • 30,615
  • 7
  • 79
  • 122
3
votes
2 answers

How to encrypt user password in Freeradius

I recently set up a freeradius server and would like to change the user password that is presently in cleartext to encrypted in the /etc/freeradius/3.0/users file. This is what it looks like on the server. When I authenticate on the server, I can…
wallacex
  • 37
  • 1
  • 1
  • 3
2
votes
0 answers

How can I enforce cryptobinding on FreeRADIUS?

On NPS, there's a setting "Disconnect clients without cryptobinding", which should force clients to check the security of the comms which, if I understand correctly, will prevent attacks such as Sycophant. Is there an equivalent setting on…
Samthere
  • 121
  • 2
2
votes
0 answers

pfSense: config with daloRadius (freeRadius) to setup download quota limitation

I have pfsense and daloRadius(running freeRadius inside) up and running, I successfully configured radius parameters on pfSense and the NAS on daloRadius and they can talk to each other. I am able to create users from daloRadius and authenticate…
Xsmael
  • 171
  • 1
  • 10
2
votes
1 answer

Adding compiled FreeRADIUS to systemd

Working on getting FreeRADIUS up and running and having issues adding to systemd. Running standalone via radiusd -X works expected and all of the custom configurations are intact. Using freetds module to connect to MS SQL backend... During…
Arnydo
  • 23
  • 1
  • 6
2
votes
1 answer

EAP-TLS: How to verify a p12 key with freeradius?

I installed a Radius server with a EAP-TLS only configuration. I have a client.p12 file that is supposed to contain both the root-CA and the client certificate. I added the p12…
Alexis
  • 172
  • 1
  • 12
2
votes
0 answers

Wired 802.1x on Windows 10 1803 isn't utilizing cache

So I’ve been trying to resolve 802.1x Wired authentication issues for quite some time now with limited success. The environment is based on Server 2012, Enterasys NAC using EAP-TLS1.2, with a relatively simple PKI infrastructure. We are running…
Joshua Scott
  • 19
  • 2
2
votes
0 answers

FreeRADIUS with Let's Enrypt Certificate (trusted connection without provisioning?)

I have a FreeRADIUS server set up for PEAP/MSCHAPv2 connections with an SQL user backend. On that server, I have set up a Let's encrypt certificate for domain access.example.org. This certificate is valid, both if used for SSL (e.g. for a guest…
PiMaker
  • 151
  • 1
  • 5
1
2
3
18 19