FreeRadius

FreeRADIUS Packet Handling - examining the flow

Edward Wincott
13 July 2015 at 3:40pm
FreeRadius
FreeRADIUS demystified
Author - Dr Alan Buxey 27/2/2012 This document looks at how a RADIUS packet is handled within the FreeRADIUS server. This fundamental knowledge will help us to understand where and how we configure the server, where we can adjust or optimise the flow and where to start looking if things go wrong. A good starting reference point is the native configuration after installation; reassuringly, by default this should just work!
Read more

Improving reliability of Microsoft NPS as an authentication provider for eduroam

Simon Edwins
1 August 2014 at 11:41am
eduroam
nps
FreeRadius
operator-name
Microsoft
I've spent a fair bit of time over the past month trying to improve the reliability of our RADIUS service for eduroam.  Previously it was entirely based on Microsoft NPS which has the tendency to silently discard authentication packets which it should really be rejecting. This creates a problem because if the authentication request originated from outside of your network (i.e.
Read more
1 November 2013 at 3:05pm

FreeRADIUS 2.2.1 released - many bug fixes and feature improvements

Edward Wincott
FreeRadius
eduroam
17/Sept/2013: FreeRADIUS 2.2.1 released.The latest release of FreeRADIUS includes many bug fixes and several feature improvements. It's been a year since the previous release, however this one is not a classic and you should avoid this release - it has some logic bugs and proxy handling issues. (At the time of writing you are advised to be using 2.2.0). Check out the release notes
Read more
31 May 2013 at 10:46am

eduroam CUI how to using FreeRADIUS 2.2.0

Scott Armitage
CUI
FreeRadius
eduroam
WARNING - These settings should be tested on a suitable test/dev server before implmentation into a live working eduroam service. Step 1 - Add a salt for generating CUIs to policy.conf In the policy.conf in /etc/raddb find the CUI section and add a salt for your site.  This value should be a long random string which is the same across all of your sites radius servers and should not change over time.         #
Read more
10 September 2012 at 4:04pm

Critical Vulnerability in FreeRADIUS

Bradley Freeman
FreeRadius
vulnerability
A critical vulnerability had been found in FreeRADIUS versions 2.1.10 - 2.1.12 with configurations using TLS-based EAP methods (including EAP-TLS, EAP-TTLS, and PEAP) this allows an attacker to execute code on affected systems prior to authenticated.   In order to mitigate the vulnerability it is advisable to upgrade all affected systems to FreeRADIUS 2.2.0 as soon as possible.  
Read more
Subscribe to FreeRadius