help with freeradius authentication that does not require client-side certificates
Hello, I'm using freeradius 2.1.6 on CentOS 5.3. I'm trying to configure the RADIUS server to authenticate for several clients. I've read that certificate based authentication is more secure as I understand. However, the nature of my wireless network (with users changing on a rather constant basis) does not allow to use client-side certificates that they have to install in order to gain access to the network. I've attempted to read the manuals behind the different types of authentication and how to configure freeradius for them but I've just gotten lost. All I want is a simple challenge-answer system to authenticate the user to the network. It does not have to be via a web portal. Can someone please help me or guide me somewhere with a manual that goes through every step that isn't outdated as the one's I've tried either rely on an older version of freeradius or talk about areas in files that have either changed with freeradius2 or do not exist anymore. I would really appreciate any help and time anyone can spare. I apologize if this is the 10000000000th time you have seen this post. Thank you again. _________________________________________________________________ Your E-mail and More On-the-Go. Get Windows Live Hotmail Free. http://clk.atdmt.com/GBL/go/171222985/direct/01/
I'm using freeradius 2.1.6 on CentOS 5.3. I'm trying to configure the RADIUS server to authenticate for several clients. I've read that certificate based authentication is more secure as I understand. However, the nature of my wireless network (with users changing on a rather constant basis) does not allow to use client-side certificates that they have to install in order to gain access to the network.
I've attempted to read the manuals behind the different types of authentication and how to configure freeradius for them but I've just gotten lost.
All I want is a simple challenge-answer system to authenticate the user to the network. It does not have to be via a web portal.
Captive portal is the usual answer to your requirements.
Can someone please help me or guide me somewhere with a manual that goes through every step that isn't outdated as the one's I've tried either rely on an older version of freeradius or talk about areas in files that have either changed with freeradius2 or do not exist anymore.
Enter portal details in raddb/clinets.conf. Enter username/password in raddb/users. That's it. Ivan Kalik Kalik Informatika ISP
Thanks for the info. If my understanding is correct then, freeradius is configured by default for md5 authentication. I'm assuming then that all I have to do is set up my clients and users and start the server and I should be good to go. Is that correct? -----Original Message----- From: freeradius-users-bounces+flyboy_1628=hotmail.com@lists.freeradius.org [mailto:freeradius-users-bounces+flyboy_1628=hotmail.com@lists.freeradius.or g] On Behalf Of Ivan Kalik Sent: Wednesday, September 16, 2009 17:43 To: FreeRadius users mailing list Subject: Re: help with freeradius authentication that does not require client-side certificates
I'm using freeradius 2.1.6 on CentOS 5.3. I'm trying to configure the RADIUS server to authenticate for several clients. I've read that certificate based authentication is more secure as I understand. However, the nature of my wireless network (with users changing on a rather constant basis) does not allow to use client-side certificates that they have to install in order to gain access to the network.
I've attempted to read the manuals behind the different types of authentication and how to configure freeradius for them but I've just gotten lost.
All I want is a simple challenge-answer system to authenticate the user to the network. It does not have to be via a web portal.
Captive portal is the usual answer to your requirements.
Can someone please help me or guide me somewhere with a manual that goes through every step that isn't outdated as the one's I've tried either rely on an older version of freeradius or talk about areas in files that have either changed with freeradius2 or do not exist anymore.
Enter portal details in raddb/clinets.conf. Enter username/password in raddb/users. That's it. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
participants (2)
-
Ivan Kalik -
Jon Standley