orion wrote:
alan , can we have the TOC of the book ?
It's still in development, and I'm re-arranging it occasionally. At a high level: Introduction Concepts Participants and their roles User Devices NAS RADIUS Servers Databases AAA Overview Authentication Authorization Accounting Auditing Conversations Protocol overview Message contents Dictionaries Security Participants in more detail User devices NAS RADIUS Servers Databases Authentication The basics PAP CHAP MS-CHAP Digest Managing passwords hashes & protocol compatibility EAP EAP-GTC EAP-MD5 EAP-MSCHAPv2 LEAP EAP and password storage EAP-TLS Methods EAP-TLS Microsoft Windows requirements PEAP EAP-TTLS Wireless and wired security with EAP Other authentication protocols Authorizations Principles for policy creating Logging Role-based authorization Policy maintenance Chained policies Examples Accounting Interaction with authorization Generation of data Logging of data Relaying of packets Simultaneous-Use RADIUS Server implementations ACS OAS Juniper OCS Radiator FreeRADIUS Others Recommendations ----- And now we get into FreeRADIUS-specific text. :) Basic deployments Installing FreeRADIUS Configuration files radiusd.conf clients.conf proxy.conf virtual servers Starting the server Debugging Tracking configuration changes Test methodology radiusd.conf Layout Processing of requests authentication accounting proxying Modules Multiple instances of a module Redundant and load-balanced modules simple flow control "unlang" Introduction Interaction with modules Examples "clients.conf" proxy.conf virtual servers "users" file format sample entries Dictionaries ATTRIBUTE definitions VALUE definitions VENDOR definitions Loading other dictionary files Creating a dictionary file Special considerations Debugging a deployment Tools Test methods and procedures EAP testing with eapol_test Databases LDAP Active Directory considerations SQL MySQL Postgresql Common deployment issues Windows AP implementations RADIUS Servers LDAP Servers Security Network security Physical security Configuration security Methods for policy creation RADIUS protocol reference Attributes Data types VSA's Packet types Module overview rlm_chap rlm_digest ... If you've read this far, I'm impressed. With each topic on a single line like that, it starts to look silly after a while. The intent, though, is to be the *definitive* reference for not only FreeRADIUS, but also for the protocol, and common use cases. Where other books say things like "Access-Request packets contain requests for access", this one says that, and more. Like common problems people see, common mistakes vendors make, common misunderstandings and how to correct them, and how to work around various issues in practice. I'm going to try to keep it under 400 pages, but I do think there's enough material to make 400 pages. Alan DeKok.