Free Radius

Unanswered Question
May 26th, 2009

I want to install Free Radius for my wireless. I went to the site and I couldnt find a windows version. Only linux

Is there a windows version and if so where? Also Would anyone strongly recommend using the linux version over windows?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
scottmac Tue, 05/26/2009 - 09:09

I'm not aware of any Windows flavors of FreeRadius, so it's *nix or nuthin'.

Most Linux distributions do include FreeRadius as part of the package.

If you want to try it out without committing a machine, I'm pretty sure it's also available on the Knoppix distro, which will boot and run from a CD and USB memory fob.

Knoppix is free: http://www.knoppix.net/

O'Reilly also has a pretty good book if you want to research the configs.

http://search.oreilly.com/?q=freeradius

Depending on how complex you want your security to be, it's not too bad to set up and maintain.

Good Luck

Starthorn Tue, 05/26/2009 - 09:23

Im looking to do EAP TLS with our LDAP/Novell setup. How hard is it to rig the config files to do that?

scottmac Wed, 05/27/2009 - 05:44

It's not too bad; if anything, the certificate setup can be a little complex (everything depends on your level of experience ... ).

If you have an exiting cert, then it's pretty straight forward to import. If you don't have a cert, then there are utilities that will permit you to generate one.

Configuring freeRadius is "only" a matter of editing a config file, enabling the security options and pointing to support elements (like your Novell LDAP).

There are sections for individual options, for group options, and global options ... all can be related to the LDAP database.

Good Luck

Starthorn Wed, 05/27/2009 - 11:39

I have no experiance with free Radius. I have been looking up on how to edit the configs but I have not found anything helpful.

Anyone have a link to a beginners guide ?

scottmac Wed, 05/27/2009 - 20:29

Really, it's not that bad. Jump on in, start easy (MD5) and build on it.

The config files are pretty well commented, just follow the included guidelines. Anything you don't understand, Google, post here, post at the freRadius wiki ... there's lots of help available if you're not into pre-reading; but you have to know what specific questions to ask, and you won't know them until you give it a try.

Download it and walk through the config files. Like I said, start easy and build on your successes. It's a good way to learn ... (my favorite!) "Read & Bleed"

Good Luck

Starthorn Thu, 05/28/2009 - 05:38

im trying the MD5 just learn about the config files.

Im following this http://wiki.freeradius.org/EAP/MD5_HOWTO

I'm having problems with this part

"Assumptions:

* You have a server that starts without any errors when doing radiusd -s -X

* You have at least one properly configured client (i.e. Access Point, AP)

* You have at least one configured user and your radtest user password 10 secret'' works from a test host (e.g. localhost), i.e. you receive an Accept message from your server"

making the radtest: Would I put this in the users.config file?

radtest Auth-Type := Local, User-Password == "secret10"

radiusd -s -X? I'm using the windows version to learn. Its intalled on my desktop. I don't think I need this part.

ericgarnel Wed, 05/27/2009 - 16:36

If you are going to use radius on windows, why not just use IAS which comes with 2000, 2003, & up?

Free radius is great, easy to install on linux and the most complex part is configuring the radius specific details which you would have to do on freeradius for windows too.

One of the nice features of freeradius on linux, is the ability to use mysql as the user backend, this way, your radius users only exist in a database and are not system users.

Starthorn Thu, 05/28/2009 - 09:52

im trying the MD5 just learn about the config files.

Im following this http://wiki.freeradius.org/EAP/MD5_HOWTO

I'm having problems with this part

"Assumptions:

* You have a server that starts without any errors when doing radiusd -s -X

* You have at least one properly configured client (i.e. Access Point, AP)

* You have at least one configured user and your radtest user password 10 secret'' works from a test host (e.g. localhost), i.e. you receive an Accept message from your server"

making the radtest: Would I put this in the users.config file?

radtest Auth-Type := Local, User-Password == "secret10"

radiusd -s -X? I'm using the windows version to learn. Its intalled on my desktop. I don't think I need this part.

Actions

This Discussion

 

 

Trending Topics - Security & Network