Confused what to do next~How to understand FreeRadius

Alan DeKok aland at deployingradius.com
Tue Sep 27 13:13:43 CEST 2011


snan4love wrote:
> Thank you very much for opening this topic.
> I have worked on FreeRadius for almost 2 monthes,my purpose is to set up a
> Radius server which could be used for authentication , authority and
> accounting for my WLAN.

  That should be pretty straightforward.

> Right now, I "guess" i have finished the "Authentication Step". I installed
> the Radius server + MySQL on my FC 14 host,there is a client AP connect to
> this radius server, the users hold Windows XP laptop could get
> authentication from radius server via PEAP or EAP-TLS.
> Here is a first little problem.Right now i could add and delete user in the
> radcheck table of MySQL,but all the passwords were stored in cleartext?is
> this the only way to store this password? is it safe enough?is it could be
> store in the format of ****** like what we set in the wpa-psk mode?

  You will need to store the passwords in cleartext.  It really is the
best way.

> Most Seriously, I am confused how to implement the "Authority Step" and
> "Accounting Step".

  Not "authority", but "authorization".

> For the "Authority Step",in my thought, I should create several different
> GROUPs, each GROUP has different authority,and then divide the users into
> different GROUPs and get different  authority. Is that correct?

  For "authorization", yes.

> For the "Accounting Step",i used DaloRadius,but found out there are few help
> for this web base management system online, and the MANUAL will cost
> $250.And also the additional  mySQL tables makes me more confused.

  Why?  What is confusing about them?

  Ask a question.  Saying "I'm confused" means we don't know how to help
you.  The documentation exists, and should be clear.  See doc/rlm_sql,
among others.

  Alan DeKok.



More information about the Freeradius-Users mailing list