Problems configuring IP Fire to work with Freeradius
Dennis Bühler
dennisbuehler at mailbox.org
Tue Aug 17 19:36:57 CEST 2021
Hey people,
i have big problems configuring ip fire to work with freeradius server.
ip fire should be the authenticator and "ask" freeradius about the permission to open the connection from the green network to the wan. I just changed the necessary configuration of IP Fire. That it should use red/green/orange and assigned the interfaces. In the orange net there is the freeradius server (ubuntu server) and in the green net there are the clients (ubuntu/w10). The clients in the green net get their ip adresses dynamicallyfrom DHCP. The clients in the green network send their requests over the integrated ip-fire proxy in non transparent mode. Clients and server can ping addresses in the wan and each other. So everybody can reach everybody.
After the installation of Freeradius i did the recommended functional test of the "getting started" section and it worked correctly. Now i cant find a solution to work with ipfire as an authenticator. Actually there are just a few settings to configure in the userinterface.
wiki.ipfire.org/configuration/network/proxy/wui_conf/auth/radius
I set up the following.
IP and Ports (1812/1813) of the Radius Server, the Shared Secret, the hostname of the Radius Servers.
Activated user identification and added the existing user (same as i tested locally, working fine) to the whitelist.
If i now restart the server / clients, the clients are connected to the internet without identification by dhcp. for testing i deactivated the firewall.
nothing happens in the debugging shell. it seems like that the communication between client an authenticator or between authenticator and freeradius does not work.
Freeradius, Ubuntu Client and IpFire are directly connected (VMs in Hyper V).
Sorry because of my bad english. perhaps you have some idea what i obviously forgot to consider or perhaps had the same problem..
Would be nice to get some information.
Kind regards
Dennis
More information about the Freeradius-Users
mailing list