Configure Freeradius Server on a Synology NAS to Authenticate Cisco RV340 Users

[Alan DeKok]

On Sep 3, 2019, at 9:22 PM, Levin, Vladimir <vladlevin at geo-logic.com> wrote:
> 
> 1. I was unable to find any vendor documention that would explain how to make it work.  Both, Synology and Cisco, development level technical support couldn't help either and referred me to Freeradius or "other online sources".

  My point was that we can answer questions about FreeRADIUS.  We *can't* answer questions about what attributes are needed by a particular NAS.  Or, what values should be used for those attributes.  Only the vendor documentation has that information.

  Once you know which attributes need to be returned, and what values they have, it's easy to configure FreeRADIUS.  And we can definitely help there.

> 2. I am not familiar with RADIUS server environment nor am I a programmer, so even after reading the documentation I am still not sure which file(s) to input the code into or what the correct code should be.

  "correct code" to do... what? 

  Saying "I'm not familiar with RADIUS" is a *terrible* answer.  We know.  You MUST be willing to *learn* about it.

> 3. I am not looking for a lecture (though, if that's what gets you off, I am happy to provide the opportunity) nor for other people to do my work for me (I've spent many hours trying to get it to work with nothing to show for it), but was rather hoping that someone has already solved that problem and was willing to share the solution.  

  I was hoping you would answer my question instead of complaining or making personal insults.

  The point was if you want to return an attribute, there is TONS of documentation telling you what to do.  Just look for "Class" in the default configuration, and you will see examples of comparing the Class attribute to something, or setting its value.

  And no, no one has solved your particular problem before.  It's unusual, hence my reply of "what do you mean?"  If it was a common problem, then it would have been documented.

  Yes, it's 2019.  Complaints about the FreeRADIUS documentation are no longer relevant.  While the documentation isn't perfect, it clearly describes the syntax of the configuration files.  The default virtual servers are heavily commented and documented.

  All that is necessary is that you *read* it, and ask *specific questions* when you don't understand something.

  It's just not useful to say "I've spent many hours trying to get it to work with nothing to show for it".  That's a complaint of "I did stuff and it didn't work.  But I'm not going to tell you what I did!"

  How do you expect us to be able to help you, then?

> 4. The group names are stored in the local user database of the Synology NAS; its RADIUS server, which is essentially Freeradius, is configured via GUI to use that database.

  That means nothing.  WHAT kind of database is it?  HOW does FreeRADIUS query it?

> 5. If I knew what additional information is needed, I'd be glad to provide it, if I can.

  Give sufficient technical information so that people can help you. 

  Your description is vague.  "Database" isn't helpful.  "MySQL" is helpful.  "MySQL and here's a copy of the schema" is helpful.

  You're asking us how to configure "stuff".  And when I point out that description isn't good enough, you don't respond with a clearer description.  That's not productive.

  Alan DeKok.