Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1356
Views
0
Helpful
3
Replies

ASA5500 AAA SERVER GROUP (RADIUS) -> FREERADIUS AUTH

vpancisco
Level 1
Level 1

‎11-26-2009 05:17 AM - edited ‎03-10-2019 04:49 PM

hello,

i'm trying to authenticate users from ASA 5520 to FREERADIUS on Debian

Does anyone succed in ? what's the way to ?

thanks

Labels:
0 Helpful
3 Replies 3

Ivan Martinon
Level 7
Level 7

‎12-02-2009 10:08 AM

Did that once and worked like a charm, as far as I remember you need to manually edit the clients.conf file on the radius service of freeradius and add the NAS ip address, key and ID I believe the doc for freeradius will help:

http://wiki.freeradius.org/Configuration

cheers

0 Helpful

vpancisco
Level 1
Level 1
In response to Ivan Martinon

‎12-03-2009 12:40 AM

thanks

ok it found now !!

but only if i put in clear text the password in the users file as:

youruser   Cleartext-Password := "somepass"
           Service-Type = NAS-Prompt-User,

so i don't use password stored in the freeradius data base

that's not enough secure for an auth service

regards

0 Helpful

Conor Cunningham
Level 1
Level 1
In response to vpancisco

‎12-06-2009 11:40 AM

There are many other databases you can use. Check the users file in /etc/raddb/users for examples.

You can also have it authenticate against the unix user db, i.e. /etc/passwd. This is the default configuration for freeradius.

e.g. /etc/raddb/users

DEFAULT Auth-Type = System
        Fall-Through = 1

/etc/passwd uses MD5 for its hashing if I'm not mistaken.

Cheers,

Conor

0 Helpful
Customers Also Viewed These Support Documents