Setting up FreeRADIUS accounting with IP address logging

Fajar A. Nugraha list at
Sun Apr 15 03:06:31 CEST 2012

On Sat, Apr 14, 2012 at 5:06 PM, Johan Swetzén <johan at> wrote:
> Hi!
> I'm setting up wifi internet in my student dorm (90 people) and thought wpa2 enterprise with FreeRADIUS (version 2.1.8 running on Ubuntu) would be a good solution, together with the incredibly stable Linksys WRT54GL and dd-wrt. There are a few problems I cannot figure out though:
> 1. How to set up plain-text accounting.
> I saw in the configuration that the log directory is set to /var/log/freeradius/radacct so I created the directory and made writable (777 to be sure) but alas, there are no logs.

Your NAS needs to send accounting packets. IIRC dd-wrt does NOT send
accounting packets when used in 802.1x/WPA2-enterprise. chilispot,
however, DOES send accounting packets. So you either need to change
your NAS, or change your setup with dd-wrt to use captive portal with

> 2. How to get freeRADIUS to work with a DHCP server.
> I'm not asking about the experimental built-in DHCP server, as it seems very limited, but is it possible to somehow log the IP addresses that each user is assigned? We need to know who was using a certain IP address at a certain time.

The easiest way? Use v2.1.x branch from git, activate its DHCP server,
and use dhcp_sqlippool, which would use DB to hand out IP addresses :)

AFAIK some NAS (e.g. mikrotik: ) can ask a radius
server for IP address (in standard framed-ip-address attribute), and
hand it to DHCP clients. But since you say you use dd-wrt, it might
not apply to you.

> 3. How to connect using Windows.
> It's dead simple to connect to the network with linux, mac and smartphones but for Windows it seems impossible to find the right combination of settings. I haven't googled this issue so much, so maybe there's a simple answer. Also, it's a later problem.

If you use captive portal setup, it's easy.
If you use 802.1x, you probably need to make sure that FR tries
PEAP-MSCHAP first (e.g. by changing default EAP type di eap.conf?)


More information about the Freeradius-Users mailing list