Confused what to do next~How to understand FreeRadius
Alan DeKok
aland at deployingradius.com
Tue Sep 27 13:13:43 CEST 2011
snan4love wrote:
> Thank you very much for opening this topic.
> I have worked on FreeRadius for almost 2 monthes,my purpose is to set up a
> Radius server which could be used for authentication , authority and
> accounting for my WLAN.
That should be pretty straightforward.
> Right now, I "guess" i have finished the "Authentication Step". I installed
> the Radius server + MySQL on my FC 14 host,there is a client AP connect to
> this radius server, the users hold Windows XP laptop could get
> authentication from radius server via PEAP or EAP-TLS.
> Here is a first little problem.Right now i could add and delete user in the
> radcheck table of MySQL,but all the passwords were stored in cleartext?is
> this the only way to store this password? is it safe enough?is it could be
> store in the format of ****** like what we set in the wpa-psk mode?
You will need to store the passwords in cleartext. It really is the
best way.
> Most Seriously, I am confused how to implement the "Authority Step" and
> "Accounting Step".
Not "authority", but "authorization".
> For the "Authority Step",in my thought, I should create several different
> GROUPs, each GROUP has different authority,and then divide the users into
> different GROUPs and get different authority. Is that correct?
For "authorization", yes.
> For the "Accounting Step",i used DaloRadius,but found out there are few help
> for this web base management system online, and the MANUAL will cost
> $250.And also the additional mySQL tables makes me more confused.
Why? What is confusing about them?
Ask a question. Saying "I'm confused" means we don't know how to help
you. The documentation exists, and should be clear. See doc/rlm_sql,
among others.
Alan DeKok.
More information about the Freeradius-Users
mailing list