working with vouchers

Andreas Meyer anmeyer at
Thu Jul 5 18:05:47 CEST 2012

"Fajar A. Nugraha" <list at> wrote:

> On Thu, Jul 5, 2012 at 3:43 PM, Andreas Meyer <anmeyer at> wrote:

> >> > Without considering any security is it possible to hand out a
> >> > voucher to a client with just the ESSID, the username and the
> >> > password written down and this client can authenticate to the
> >> > radiusserver over the authenticator? Please be patient with me!
> >>
> >>
> >> depends on the methods used, server configuration  and the client involved
> >
> > In the simpliest environment I want to see what is possible and
> > how it can be done. I don't really know what methods to use for an
> > easy authentication without EAP.
> One option would be captive portal, e.g. chillispot and derivatives.
Yes, I have heard of that and shall try pfSense for example. But I
want to understand the contiguities of what method pfSense is using
to talk to the Radiusserver to be able to create vouchers.

Is there a big picture somewhere available for the freeradius-server
like it is for postfix for example? I want to understand the contiguities
between proxiing, outer-tunnel, inner-tunnel for example. If I have
a users file and a sql-database, where does freeradius look first and
what if there is an entry in both databases but they differ in the
password used. So many questions.


More information about the Freeradius-Users mailing list