Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [freeradius]

FreeRADIUS is an open source RADIUS server

FreeRADIUS is an open source RADIUS (Remote Authentication Dial-In User Service) server. It implements AAA: Authentication, Authorization, and Accounting. It is very flexible and has many modules. It supports many backend databases such MySQL, PostgreSQL or Redis for retrieving/saving AAA data.

Official website.

275 questions
1
vote
0 answers

FreeRADIUS default vs. inner-tunnel sites and EAP-TLS workflow

I am trying to setup EAP-TLS with FreeRADIUS and an IPA backend. I understand that a typical workflow is to authorize the user against LDAP first and then to authenticate the user using a certificate. Is this workflow typical or correct? I also…
user3814483
  • 183
  • 1
  • 10
1
vote
1 answer

Suddenly RADIUS authentication is gone on macOS server (TLS session fails)

Suddenly my RADIUS authentication is gone on my MacOS Server running 10.13.6 and Server Version 5.6.1 (17S2109. I already restored the Open Directory Server. $ host name.domain.tld name.domain.tld has address xxx.xxx.xxx.xxx host…
SEJU
  • 111
  • 5
1
vote
1 answer

Is it ok to use PAP with TTLS on radius server?

We have deployed Radius server ( Freeradius 3.x ) and connected it to our LDAP database (ForgeRock OpenDJ). We have successfully configured EAP-TTLS with valid certificates and set it as default connection method. ( almost all other settings are…
pagep
  • 137
  • 2
  • 9
1
vote
1 answer

freeradius: assign IP from specific pool filtered by user

I'm new here. I have a freeradius 3 with sqlippool and LDAP authentication (with a "guest" file-configured user), all working fine. I have 2 sqlippools: -main_pool -guest_pool I want to do the following: if the user is "guest" then offer an IP from…
Pixel
  • 11
  • 4
1
vote
1 answer

Run FreeRADIUS on FIPS enabled Redhat server?

I'm attempting to install a FreeRADIUS server on a RHEL 6.9 VM. This VM is operating in FIPS mode. I'm running into the problem described in a Red Hat bug report found here. According to that bug report from March of 2015 the RADIUS protocol…
dutsnekcirf
  • 249
  • 2
  • 4
  • 16
1
vote
2 answers

FreeRADIUS with LDAP vs Kerberos

The following site discusses how to setup FreeRADIUS to authenticate against an LDAP backend (it goes through a tutorial showing how to expose NT hashed passwords in FreeIPA so that FreeRADIUS can read…
user3814483
  • 183
  • 1
  • 10
1
vote
1 answer

Unifi AP-PRO with pfSense running FreeRADIUS, with MySQL database externally

I'm in the process of moving from a set of Aerohive AP's to Unifi AP-PRO to increase the range of our wifi. Adding more Aerohives could be a solution, but they're way more expensive and I already have good experiences with the Unifi range of AP's…
Jacob F.
  • 11
  • 3
1
vote
1 answer

cannot read clients from nas table in freeradius only from clients.conf

I have installed freeradius on Centos. The MySQL database is populated with some data for testing, and the freeradiusd.conf and sql.conf are configured. The RADIUS server is able to connect with the MySQL database, and I can authenticate users from…
ahmad charafdin
  • 11
  • 1
  • 6
1
vote
1 answer

Return additional attributes after FreeRADIUS authentication

I would like to return additional attributes in the response after successfully authenticating against radius. Consider the following: testuser Cleartext-Password := "testpassword" DEFAULT Unix-FTP-Shell = "Test" In…
Tuaris
  • 71
  • 2
  • 13
1
vote
1 answer

OpenVPN with Radius simultaneous connection

I'm trying to set-up OpenVPN server with radius authentication and accounting. Basics are working. Users can authenticate to OpenVPN server with their Radius accounts but there is a problem about simultaneous connection which i couldn't fix. Also I…
kenarsuleyman
  • 111
  • 5
1
vote
1 answer

Can't authenticate radius against active directory

I'm trying to use the LDAP module to authenticate radius clients against active directory, so I need to have it actually use LDAP as the authenticator. However, it seems User-Password isn't getting set. First of all, is User-Password supposed to be…
Dessa Simpson
  • 539
  • 7
  • 27
1
vote
1 answer

"Transport encryption required" when using transport encryption

I'm trying to set up a radius server to authenticate against LDAP, but I'm running into a weird issue: rlm_ldap (ldap): Bind with radiusd@[domain] to ldaps://localhost:636 failed: Strong(er) authentication required rlm_ldap (ldap): Server said:…
Dessa Simpson
  • 539
  • 7
  • 27
1
vote
0 answers

Google authentication freeRadius server stop working

It is very funny issue. THe Free radius server has been up and running for almost one year, no any issue. All the sudden it stops working this week. I test the domain user from local: radtest jzwang@yyy.yyy.yy 'yyy11111' localhost 18120…
Zhujun Wang
  • 11
  • 1
1
vote
0 answers

Freeradius Proxy eap-mschapv2 auth to non-eap Radius server

I'm using strongswan 5.6.0 & Freeradius 3.0.13 on CentOS7 as vpn server - Strongswan send radius requests to freeradius - freeradius proxy all request to another Radius Server that not support EAP challenge All non-eap request from freeradius…
Pedram Masoumi
  • 11
  • 1
1
vote
2 answers

Separate users in two groups (staff and guests) in FreeRADIUS 3

I have a FreeRADIUS (3.0.15) server for WPA authentication (PEAP + MSCHAPv2) and everything works out of the box even though it feels like it would take a lifetime of study in an enclosed monastery to master every bit of the configuration. I have my…
jamarju
  • 113
  • 1
  • 3
1 2 3
18 19