- Ignore the links; you may even go as far deleting them for sanity's sake. EAP works as is on a new installation. The less you change on the EAP configuration the better.
- The EAP-TTLS/PAP method makes use of the
inner-tunnel
virtual server instead of thedefault
virtual server when authenticating users. Make sure you also specify the use of theldap
module in theinner-tunnel
virtual server. These virtual servers are independent from each other. - No, when you bind as a user you need to send the user's cleartext password to the LDAP server. When you use PEAP/MSCHAPv2 there is no way to get a cleartext password out of the transaction.
- No lies here! The Universal Password feature allows the
ldap
module to get passwords in cleartext from the LDAP server. There are a few rules to follow in order to get this password. The connection to the LDAP server has to be a secure connection with a special privileged user binding to it to run the queries. Thepassword_attribute...
FreeRADIUS Beginner's Guide
FreeRADIUS Beginner's Guide
Overview of this book
The Open Source pioneers have proved during the past few decades that their code and projects can indeed be more solid and popular than commercial alternatives. With data networks always expanding in size and complexity FreeRADIUS is at the forefront of controlling access to and tracking network usage. Although many vendors have tried to produce better products, FreeRADIUS has proved over time why it is the champion RADIUS server. This book will reveal everything you need to know to get started with using FreeRADIUS.
FreeRADIUS has always been a back-room boy. It's not easy to measure the size or number of deployments world-wide but all indications show that it can outnumber any commercial alternatives available. This essential server is part of ISPs, universities, and many corporate networks, helping to control access and measure usage. It is a solid, flexible, and powerful piece of software, but can be a mystery to a newcomer.
FreeRADIUS Beginner's Guide is a friend of newcomers to RADIUS and FreeRADIUS. It covers the most popular Linux distributions of today, CentOS, SUSE, and Ubuntu, and discusses all the important aspects of FreeRADIUS deployment: Installing, configuring and testing; security concerns and limitations; LDAP and Active Directory integration.
It contains plenty of practical exercises that will help you with everything from installation to the more advanced configurations like LDAP and Active Directory integration. It will help you understand authentication, authorization and accounting in FreeRADIUS. It uses many practical step-by-step examples, which are discussed in detail to lead you to a thorough understanding of the FreeRADIUS server as well as the RADIUS protocol. A quiz at the end of each chapter validates your understanding.Not only can FreeRADIUS be used to monitor and limit the network usage of individual users; but large deployments are possible with realms and fail-over functionality. FreeRADIUS can work alone or be part of a chain where the server is a proxy for other institution's users forwarding requests to their servers. FreeRADIUS features one of the most versatile and comprehensive Extensible Authentication Protocol (EAP) implementations. EAP is an essential requirement to implement enterprise WiFi security. FreeRADIUS Beginner's Guide covers all of these aspects.
Table of Contents (16 chapters)
Preface
Free Chapter
1. Introduction to AAA and RADIUS
2. Installation
3. Getting Started with FreeRADIUS
4. Authentication
5. Sources of Usernames and Passwords
6. Accounting
7. Authorization
8. Virtual Servers
9. Modules
10. EAP
11. Dictionaries
12. Roaming and Proxying
13. Troubleshooting
A. Pop Quiz Answers
Index
Customer Reviews