noob with some questions

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Thu Aug 3 20:22:07 CEST 2006


Hi,

> Thanks for your reply. Unfortunately, the FreeRadius documentation and 
> support is so abysmal and my experience too limited to make good use of 
> the advice you gave. Each OSS package has its benefits and weaknesses I 

thousands of others would disagree with you - perhaps as many would 
agree with you. I've been away on holiday/vacation so missed your
initial post or problem - and I'm not sure whether your post here
is some form of bait to get someone to stand up and prove
that they can help you - or verify that wht you're trying to do can/can't
be done - which is it? 

you're example of ISC DHCP doesnt quite agree with me - but thats
my own opinion.

> doubt it doesn't. I've spent about two weeks now struggling to make the 
> software do what I want and at this point I give up. I'm moving on to 
> Radiator. I just can't spend any more time spinning my wheels.

IAS is very good if you like simple GUIs and a fully supported system ;-)

> providing and choose to make improvements or maybe they'll just 
> continue to operate on a "you get what you pay for basis." Either way 
> it's not worth the frustration. It's a shame really because it's 
> obvious that it is a really good piece of software.

I'd try the current FreeRADIUS book from O'Reilly. It might not give
you word for word examples which match exactly what you are trying to do
(in fact, if you read through the users mailing list you'll see that
almost no-ones situation or required recipe are the same...everyone
has unique local requirements - or are simply not reading each
line of the config - or validating their requirement before implementing
it)

FWIW we are using LDAP lookups to fidn what groups people are in (and 
then returning the VLAN they should be on), authorization is via
kerberos5 for plaintext PAP stuff, and via SAMBA winbind for PEAP MSCHAPv2
conenctions, we proxy to the national RADIUS system for remote users
and accept incoming proxied for our users at other sites...we also
have FreeRADIUS gathering packet counters and use time-valid accounts for
certain systems - with a 'cafe style' ticket system... we dont, however
use it with oracle, postgresql, we dont use bit buckets or connection
speed/quality (eg chilispot style options) - yet - and there are various
other modules we dont use here and i havent gone through yet - so
such are the range of questions you can throw my way (in an ad-hoc
community-support style way). alternatively there _are_ people on
this list who will happily do work for you/help you out for the required
fees. if you like the idea of commercial support, there are such people.

alan



More information about the Freeradius-Users mailing list