Questions tagged [radius]

Remote Authentication Dial In User Service (RADIUS) is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for computers to connect and use a network service.

RADIUS is a client/server protocol that runs in the application layer, using UDP as transport. The Remote Access Server, the Virtual Private Network server, the Network switch with port-based authentication, and the Network Access Server (NAS), are all gateways that control access to the network, and all have a RADIUS client component that communicates with the RADIUS server. The RADIUS server is usually a background process running on a UNIX or Microsoft Windows server.[3] RADIUS serves three functions:

to authenticate users or devices before granting them access to a network
to authorize those users or devices for certain network services and
to account for usage of those services.

Source: wikipedia

355 questions

votes

0 answers

Azure VPN using RADIUS to solve local admin requirements

Now that Azure point to site VPN can be authenticated via RADIUS, would using RADIUS instead of certificates change the need for local admin privilege? I have clients that connect to Azure via point to site VPN without local admin rights. The only…

asked Nov 20 '17 at 16:19

Eric L

votes

2 answers

Should a server or a client be able to verify a client/server certificate - intermediate certificate chain with a known root ca?

I am trying to test the following setup: A RADIUS server works with the EAP-TLS protocol. The client and the server have the following certificates: Client Public Key: clientcert_intermediatecert_chain.pem CA-certificate: rootcert.pem Server Public…

ssl authentication radius freeradius keychain

asked Jul 07 '17 at 10:06

Jannis Kappertz

votes

1 answer

FreeRadius, login not working when using mschap

I've been trying to make RADIUS work with Zentyal without success, I've tried logging in with an Android phone and a Windows 10 PC but none of them worked. Joining the domain using LAN works fine, using radtest without mschap works fine too, the…

ldap authentication radius freeradius zentyal

asked Jun 09 '17 at 14:42

Elia Perantoni

votes

1 answer

Google Authenticator FreeRADIUS

I'm trying to implement google authenticator PAM module in FreeRADIUS on RHEL7. I've loosely followed this guide: http://www.supertechguy.com/help/security/freeradius-google-auth The reason I say loosely is things appear to have changed with the…

redhat pam radius freeradius google-authenticator

asked Jun 09 '17 at 07:51

Justin Whelan

votes

1 answer

Freeradius VLAN assignment with EAP-TLS and WiFi 802.1x

I'm using FreeRadius with a Ubitquiti WiFi AP with 802.1x auth using EAP-TLS (mutual client/server cert based auth). This is working well for static VLANs (i.e. specified on the AP). I'd like to offload the VLAN assignment to Radius so that…

ssl radius freeradius 802.1 eap

asked Jan 26 '17 at 14:06

user397220

votes

0 answers

OpenBSD login.conf statement for nat-translated radius clients to ID as public address instead of private?

I'm on OBSD6.0 behind a NAT firewall and attempting to authenticate against a RADIUS server on the outside. The RADIUS server gets the internal (private) address of the client system, not what the firewall NAT translates it to. Is there a…

nat radius openbsd

asked Jan 06 '17 at 17:12

danno

votes

1 answer

CentOS 7 SSH and 2FA (ESET Secure Authentication)

I am stuck at getting two factor-authentication in CentOS 7 to work; specifically the authentication via SSH and OTP. I would very much appreciate it if someone could assist me with this. :) Edit: As I understand it from the log below, the pam…

centos ssh authentication pam radius

asked Jan 05 '17 at 06:50

pomf

votes

1 answer

FreeRadius can't get new openssl version

I just beginning with FreeRadius. I have installed FreeRadius 2.2.9 but when I try to debug with radiusd -X I got this error Refusing to start with libssl version OpenSSL 1.0.1e-fips 11 Feb 2013 (in range 1.0.1 - 1.0.1f). Security advisory…

linux centos radius freeradius

asked Sep 01 '16 at 03:30

user3422401

votes

1 answer

Setting up Cisco ASA VPN to use both radius and local users

I've got a Cisco ASA setup with L2TP/IPSec VPN, all is working well except for one minor issue. Ideally, I'd like to be able to log on to the VPN using either that RADIUS server users or the local user database on the ASA. Right now, everything uses…

vpn cisco cisco-asa radius

asked Jan 21 '16 at 15:46

Darinth

votes

0 answers

Windows Server 2012R2 RADIUS (wifi) clients won't accept bought wildcard certificate

I've been managing the NPS Server for a while and thought it was time to treat it a valid SSL certificate. The setup I bought a wildcard SSL certificate from comodo, compiled it to an .pfx certificate (including the comodo chain) and installed it on…

windows-server-2012 ssl-certificate radius nps

asked Sep 11 '15 at 17:45

Christian

votes

1 answer

NPS/RADIUS authentication across one-way trust

I'm trying to set up Windows Network Policy Server to allow RADIUS authentication in a multiple forest scenario with one-way trusts. We have several domains (each in a single domain-forest) containing user accounts, and one domain "OPS" with servers…

windows-server-2012-r2 radius nps

asked Jul 17 '15 at 10:57

carlpett

votes

1 answer

EAP-TLS for Wireless with Active Directory

My question is more from a conceptual point of view, rather than implementation (even though I'm asking about proprietary protocols and products). Assuming I have users and credentials set up in my Active Directory. Users can log in to their…

active-directory radius nps eap

asked Jun 22 '15 at 21:12

AndreCruz

votes

1 answer

Debian Samba share Authentification with RADIUS server

I'm trying to configure Samba (apt-get install samba) to authenticate users using a RADIUS server and i cannot find anything useful. Is it possible ? I tought i could set Samba to use the PAM authentification and then configure PAM to use the RADIUS…

debian authentication samba radius freeradius

asked Jun 08 '15 at 17:20

Joshua

votes

2 answers

How do I use a domain account to connect to a MSSQL server for NPS accounting?

I'm trying to connect a Server 2008 R2 NPS to a MSSQL server for logging accounting data and I'm running into issues. I configured NPS Accounting through the "Configure Accounting" wizard and, using windows integrated security, I was able to connect…

sql-server radius nps windows-ias-server aaa

asked Feb 24 '15 at 19:43

red888

4,183
18
64
111

votes

1 answer

Using Windows NPS for Cisco router aaa authentication - is this safe?

I setup RADIUS authentication on a Cisco router and pointed it to a Windows NPS. Now I can ssh into the router my with AD account YAY. But now that I got it working I'm going over the settings to make sure everything is secure. On my router the…

ssh cisco authentication radius nps

asked Feb 19 '15 at 16:07

red888

4,183
18
64
111

Prev 1 2 3

…

23 24 Next