What Next??

Thomas Reeves thomas_reeves at verizon.net
Mon Jul 5 08:00:42 CEST 2010

Thanks for your reply, Fajar.  

In your example, is the wireless access point the "client" that I've seen
referred to in some of the FreeRADIUS documentation?  If yes, then I would
have these three "clients":
1. Apache web server
2. Open-Xchange server (java-based)
3. Postfix + Dovecot mail server

So, my "clients" should pass a userid/password to FreeRADIUS and receive
back an accept or reject from FreeRADIUS?


-----Original Message-----
freeradius-users-bounces+thomas_reeves=verizon.net at lists.freeradius.org
[mailto:freeradius-users-bounces+thomas_reeves=verizon.net at lists.freeradius.
org] On Behalf Of Fajar A. Nugraha
Sent: Monday, July 05, 2010 1:44 AM
To: FreeRadius users mailing list
Subject: Re: What Next??

On Mon, Jul 5, 2010 at 12:20 PM, Thomas Reeves
<thomas_reeves at verizon.net> wrote:
> I have a FreeBSD-based gateway server running pfSense software.

> I want to authenticate and authorize all incoming http(s) requests before
> allowing access to any back-end services.
> However, I seemed to have missed something fundamental about the
> server – what do I do next??  How do I “attach” FreeRADIUS to the inbound
> TCP stream to accept/reject requests??

That question would be better addressed to pfSense support/discussion
list. radius does not really care what the end usage is, it simply
provides Authentication, Authorization, and Accounting (AAA).

Here's a similar example: you can limit which users are allowed to use
wireless network on your office by listing the users and their
respective password on a radius server. But to get the actual
limitation to work, you need to configure your wireless access point
to "ask" radius whether a particular user/password combination is
allowed. Does this make sense so far?


List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list