Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [freeradius]

FreeRADIUS is an open source RADIUS server

FreeRADIUS is an open source RADIUS (Remote Authentication Dial-In User Service) server. It implements AAA: Authentication, Authorization, and Accounting. It is very flexible and has many modules. It supports many backend databases such MySQL, PostgreSQL or Redis for retrieving/saving AAA data.

Official website.

275 questions
2
votes
3 answers

FreeRadius return User Groups in Class field

I use strongSwan to authenticate against FreeRadius which it does but now I need FreeRadius to return the user's groups in the Class field so they can be checked by strongSwan [1]. I'm using winbind and ntlm_auth on freeradius to authenticate users,…
Christian
  • 796
  • 3
  • 13
  • 31
2
votes
1 answer

smb fails to start on centos7 radius server

I have a working radius server that auths connections to a PDC AD server. I wanted to create another one so that I can fail over on the firewall when needed. I created a second server using the same configs as the first. When I have the following in…
IRBiddlecombe
  • 21
  • 1
  • 3
2
votes
0 answers

Freeradius multi-factor auth with LDAP and Yubikey

I just set up a freeradius server and would like to be able to authenticate using both the password of a ldap user and the yubico otp generated from their yubikey. It is working using the ldap password out of the box without any configuration, but I…
eli0T
  • 110
  • 11
2
votes
1 answer

Setup FreeRADIUS on windows

Can any one suggest where to download "FreeRADIUS" server (2.2.3) .exe for windows? I tried downloading 1.1.7 from Downloads | FreeRADIUS. It works fine but it doesn't work for TLS security. The WIFI module provider suggested that download 2.2.3…
GBD
  • 23
  • 1
  • 3
2
votes
1 answer

FreeRadius + Active Directory + Google Authenticator

I have FreeRadius 3.0.13 installed on CentOS 7.3 which also has SSSD 1.14.0 which is being used to communicate with our Windows 2012 Domain controller. We are able to authenticate using AD via radius. We also have google authenticator installed on…
georgdl
  • 21
  • 1
  • 1
  • 2
2
votes
1 answer

How do I force freeradius to check certificates validity?

I am trying to install a freeradius server on my debian 9 machine. I succeeded to install it with apt. I also succeeded to run it and accept user and password and reject the connection if you don't present a good user and password. But I need to…
arnaud
  • 31
  • 1
  • 5
2
votes
2 answers

Should a server or a client be able to verify a client/server certificate - intermediate certificate chain with a known root ca?

I am trying to test the following setup: A RADIUS server works with the EAP-TLS protocol. The client and the server have the following certificates: Client Public Key: clientcert_intermediatecert_chain.pem CA-certificate: rootcert.pem Server Public…
Jannis Kappertz
  • 47
  • 1
  • 7
2
votes
1 answer

FreeRadius, login not working when using mschap

I've been trying to make RADIUS work with Zentyal without success, I've tried logging in with an Android phone and a Windows 10 PC but none of them worked. Joining the domain using LAN works fine, using radtest without mschap works fine too, the…
Elia Perantoni
  • 143
  • 1
  • 7
2
votes
1 answer

Google Authenticator FreeRADIUS

I'm trying to implement google authenticator PAM module in FreeRADIUS on RHEL7. I've loosely followed this guide: http://www.supertechguy.com/help/security/freeradius-google-auth The reason I say loosely is things appear to have changed with the…
Justin Whelan
  • 21
  • 1
  • 3
2
votes
1 answer

Freeradius VLAN assignment with EAP-TLS and WiFi 802.1x

I'm using FreeRadius with a Ubitquiti WiFi AP with 802.1x auth using EAP-TLS (mutual client/server cert based auth). This is working well for static VLANs (i.e. specified on the AP). I'd like to offload the VLAN assignment to Radius so that…
user397220
  • 71
  • 1
  • 6
2
votes
0 answers

rlm_rest : Handling MSCHAP

I'm writing a django based json rest service for use with rlm_rest. FreeRadius will serve both AAA and DHCP. Despite my scripting skill, The DHCP Part is working correctly ... but have problem with the authentication part. My test scenario: Using…
Bino Oetomo
  • 227
  • 1
  • 3
  • 11
2
votes
1 answer

FreeRadius can't get new openssl version

I just beginning with FreeRadius. I have installed FreeRadius 2.2.9 but when I try to debug with radiusd -X I got this error Refusing to start with libssl version OpenSSL 1.0.1e-fips 11 Feb 2013 (in range 1.0.1 - 1.0.1f). Security advisory…
user3422401
  • 121
  • 2
2
votes
1 answer

Debian Samba share Authentification with RADIUS server

I'm trying to configure Samba (apt-get install samba) to authenticate users using a RADIUS server and i cannot find anything useful. Is it possible ? I tought i could set Samba to use the PAM authentification and then configure PAM to use the RADIUS…
Joshua
  • 121
  • 1
  • 3
2
votes
0 answers

802.1x dynamic vlan assignment not assigning VLAN

I recently dived into 802.1x authentication with dynamic vlan assigment. My current set up contains of: - A client - A SG220 cisco switch (the supplicant) - A freeradius (authenticator) based on an LDAP AD - A fortigate for…
martijn
  • 21
  • 2
2
votes
2 answers

Is there a list of FreeRADIUS specific attributes?

I am using FreeRADIUS 2.1.12 with PostgreSQL for user and client (nas) auth. I'm a bit new to this--I learned what RADIUS was when I was assigned to set this server up a couple of weeks ago--so pardon me if I'm misunderstanding. In the database…
vastlysuperiorman
  • 596
  • 6
  • 17
1 2
3
18 19