Questions tagged [radius]

Remote Authentication Dial In User Service (RADIUS) is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for computers to connect and use a network service.

RADIUS is a client/server protocol that runs in the application layer, using UDP as transport. The Remote Access Server, the Virtual Private Network server, the Network switch with port-based authentication, and the Network Access Server (NAS), are all gateways that control access to the network, and all have a RADIUS client component that communicates with the RADIUS server. The RADIUS server is usually a background process running on a UNIX or Microsoft Windows server.[3] RADIUS serves three functions:

to authenticate users or devices before granting them access to a network
to authorize those users or devices for certain network services and
to account for usage of those services.

Source: wikipedia

355 questions

votes

2 answers

Why freeradius server says invalid Message-Authenticator which is generated from radtest?

I am learning how to use freeradius, the version is v2.1.12. When I run radtest, there is no response from server, I see server side debug message has the following: Received packet from 127.0.0.1 with invalid Message-Authenticator! (Shared secret…

radius freeradius freeradius2

asked Feb 15 '18 at 05:07

my_question

votes

1 answer

Providing High Availability for NPS

I need to ensure high availability for RADIUS service in Windows Server environment so it can withstand loss or even temporary downtime of any particular server holding NPS role. Most of technet articles state that I should use NPS Proxy, but in my…

windows-server-2012-r2 radius nlb nps

asked Jul 29 '16 at 07:53

strange walker

votes

2 answers

pfSense - IKEv2 with EAP-RADIUS: Any fallback option if the RADIUS server is down?

I'm deploying an IKEv2 VPN authenticating against a RADIUS service within a pfSense 2.3-RELEASE box. But I'm afraid of the complications of this approach when the RADIUS server is down. Since the RADIUS is behind the pfSense box, in an event of a…

vpn pfsense radius eap ikev2

asked May 14 '16 at 04:23

Vinícius Ferrão

5,520
11
55
95

votes

1 answer

Tracing Untraceable AD Account Lockouts

A user (we'll call them 'username') keeps getting locked out and I don't know why. Another bad password is logged every 20 minutes on the dot. The PDC Emulator DC is running Server 2008 R2 Std. Event ID 4740 is logged for the lockout but the…

active-directory radius windows-ias-server

asked May 29 '15 at 23:42

Fëanor

votes

3 answers

Troubleshooting Windows EAP/RADIUS connectivity issues

So, I guess the short version of the question is: I'm unable to get clients to connect to an enterprise-WPA wireless network after setting up a "new" NPS server and a new CA. After I manually request a new cert on my client from the NPS/CA server…

windows-server-2008-r2 windows-xp troubleshooting radius eap

asked Jul 16 '12 at 17:48

HopelessN00b

53,795
33
135
209

votes

4 answers

Radius feedback from AP to WiFi client

We have the following setup at our company: a gateway PC with CentOS (gw), running Radius and some traffic filtering programs. All of our employees connect wirelessly, and we have a WPA2 Enterprise encryption in place. The users are in a MySQL…

centos authentication vlan radius router

asked Sep 05 '11 at 06:53

Swader

votes

1 answer

Configuring RADIUS or LDAP on Supermicro (ATEN) IPMI

I'm trying to get our new server, a X8DTN+-F's IMPI configured to talk to our authentication servers. The two choices are LDAP and RADIUS. I'm debugging this by looking at packet captures, as it seems the IPMI stuff doesn't log anything. I first…

authentication ldap radius ipmi supermicro

asked Jul 12 '10 at 15:13

derobert

1,308
12
22

votes

1 answer

Network Policy Server + RADIUS not listening on any ports for Windows Server 2019

I must be missing something basic - is there some "master" switch for enabling Network Policy Server? It's not listening on any of the RADIUS ports. Detail: Trying to setup Windows Server 2019 as a RADIUS server. However, after configuring…

windows radius netstat windows-server-2019

asked Jun 17 '19 at 18:45

BlueSky

votes

1 answer

Command Line tool for Linux to test Windows Radius

Anyone know a tool that works to test authentication against a Windows Radius Server? I have tried radtest with: radtest -d /usr/share/freeradius/ kbrandt 'betYouCantGuess' theServer 10 secretIGaveforMyIP 0 192.168.254.82 But I get: Sending…

linux windows-server-2003 radius windows-ias-server

asked Nov 06 '09 at 15:48

Kyle Brandt

83,619
74
305
448

votes

1 answer

Verifying RADIUS server is sending the correct certificates?

How can I see the TLS (SSL) certificates that my RADIUS server is using, to make sure it is sending the correct certificate and chain? I am implementing 802.1x authentication with a RADIUS server, but I have certificate acceptance problems on some…

ssl-certificate radius debugging 802.1

asked Apr 23 '16 at 12:45

Jan Fabry

votes

3 answers

SuperMicro IPMI using Windows-based RADIUS (NPS)

I'm struggling to use a Windows-based RADIUS setup (Network Policy Server) with SuperMicro IPMI interfaces. I've found that I need to add vendor-specific attribute H=4, I=4 (Appendix C in the SuperMicro IPMI manual), but I'm not sure about some of…

radius ipmi nps

asked Oct 23 '14 at 12:05

Joep Piscaer

votes

2 answers

Using SHA1 user password fields in freeradius radius server

I have proprietary web application which stores user password in form of sha1$79b2c$b3704ec5703ef28ded379cf6c6de4c4160aa029b. This is a salted sha1 hash. I want to use this presaved information for freeradius as well. Crypt-Password attribute is…

radius freeradius2

asked Aug 04 '12 at 10:48

seaquest

votes

1 answer

Cisco ASA LDAP Group Privilege Level

We have a pair of ASA 5510s (8.4.3) on which we use LDAP authentication for VPN and SSH access. On all of our Catalyst switches, which use RADIUS, we're able to set the shell:priv-lvl to 15 in the RADIUS config (2008R2 NPS). However, the best I…

cisco ldap cisco-asa radius aaa

asked May 21 '12 at 14:27

bab

votes

5 answers

802.1x PEAP GPO that trusts self-signed CA certificate

I am working on a Freeradius backed 802.1.x authentication infrastructure for our wireless clients. I am using a rather generic Freeradius configuration with EAP-PEAP. Our clients are predominantly Windows XP SP3 machines but a few Windows 7 32 and…

group-policy radius 802.1 freeradius peap

asked Mar 10 '12 at 02:11

user62491

votes

2 answers

Why would NPS suddenly stop authenticating users?

We use a computer running Windows Server 2008 (32-bit) with the RRAS and NPS roles to authenticate users for VPN and wireless access over RADIUS. This configuration has been working great for more than a year, but starting this morning the server…

windows-server-2008 rras radius nps

asked Oct 17 '11 at 19:50

Nic

13,425
17
61
104

Prev 1

…

23 24 Next