FreeRadius

13 July 2015 at 3:40pm
Author - Dr Alan Buxey 27/2/2012 This document looks at how a RADIUS packet is handled within the FreeRADIUS server. This fundamental knowledge will help us to understand where and how we configure the server, where we can adjust or optimise the flow and where to start looking if things go wrong. A good starting reference point is the native configuration after installation; reassuringly, by default this should just work!
1 August 2014 at 11:41am
I've spent a fair bit of time over the past month trying to improve the reliability of our RADIUS service for eduroam.  Previously it was entirely based on Microsoft NPS which has the tendency to silently discard authentication packets which it should really be rejecting. This creates a problem because if the authentication request originated from outside of your network (i.e.
1 November 2013 at 3:05pm
17/Sept/2013: FreeRADIUS 2.2.1 released.The latest release of FreeRADIUS includes many bug fixes and several feature improvements. It's been a year since the previous release, however this one is not a classic and you should avoid this release - it has some logic bugs and proxy handling issues. (At the time of writing you are advised to be using 2.2.0). Check out the release notes
31 May 2013 at 10:46am
WARNING - These settings should be tested on a suitable test/dev server before implmentation into a live working eduroam service. Step 1 - Add a salt for generating CUIs to policy.conf In the policy.conf in /etc/raddb find the CUI section and add a salt for your site.  This value should be a long random string which is the same across all of your sites radius servers and should not change over time.         #
10 September 2012 at 4:04pm
A critical vulnerability had been found in FreeRADIUS versions 2.1.10 - 2.1.12 with configurations using TLS-based EAP methods (including EAP-TLS, EAP-TTLS, and PEAP) this allows an attacker to execute code on affected systems prior to authenticated.   In order to mitigate the vulnerability it is advisable to upgrade all affected systems to FreeRADIUS 2.2.0 as soon as possible.  
Subscribe to FreeRadius