rebuilding a FR server

John Dennis jdennis at redhat.com
Thu Oct 4 21:11:20 CEST 2012


On 10/04/2012 02:46 PM, Andrew Precht wrote:
> Hi users,
> I'm attempting to setup a new virtual FR server on centos6, to replace
> an aging FR 1.13-1.6.el5 server. I have got the new server setup per
> the docs at freeradius.org.
> I've run the simple test using radtest locally and I get an
> Access-Accept. Also, using NTradPing remotely I get an Access-Accept.
> So, I think I've got the basic freeradius and firewall setup
> correctly.
> Now the hard part... I have no documentation or knowledge base for the
> old FR setup. It is used to authenticate WiFi users against a
> proprietary system using a Sybase DB. From what I can tell, it's using
> a perl script to talk to the db.
> I say this because of two lines in the radiusd.conf. One is:
> Auth-Type Perl { perl }  and the other is: perl { module =
> /etc/raddb/sjsu.pl }
>
> My question is: Is it as easy as adding the same two lines to my new
> FR 2.1.12  radiusd.conf and copying over the sjsu.pl to get it to use
> the perl script?

Sorry, no it's not that easy :-(

FreeRADIUS 1.x and 2.x are *not* configuration compatible. Your best bet 
is to start with the default out of the box 2.x config and make only 
incremental changes based on a thorough understanding of how the server 
works and what your requirements are. It's best to keep your config 
files under source code control. If something breaks you can go back to 
a working configuration, review history, etc.

Once that's working do everyone a favor unlike your predecessor and 
document what you did and how it works (at the moment it sounds like 
you're going to have to unravel what your predecessor did, only then can 
you move forward).


-- 
John Dennis <jdennis at redhat.com>

Looking to carve out IT costs?
www.redhat.com/carveoutcosts/


More information about the Freeradius-Users mailing list