Setup :
FreeRadius Server (Linux PC1)---------------------Linux PC2 -----------------------------------AP ----------Users
Details:
1) The users are authenticated from Free radius server.
2) The Linux PC 2acts as Router with IP forwarding enabled.
3) On Linux PC 2 Radius proxy or the Radius relay is to be enabled so that it forwards the requests to/from users.
4) Free radius is installed in both Linux PC , one to act as relay and another as server.
Configuration on Free radius server
1) Users in users.conf
2) The Linux PC 2 as radius client to be defined in clients.conf
3) Start radius server
radiusd -X
radiusd -X
Configuration on Linux PC 2:
Modify below lines in proxy.conf
1) # virtual_server = foo --> Change to -> virtual_server = 10.1.1.1
1) # virtual_server = foo --> Change to -> virtual_server = 10.1.1.1
2) Comment below lines
realm LOCAL {
# If we do not specify a server pool, the realm is LOCAL, and
# requests are not proxied to it.
}
realm LOCAL {
# If we do not specify a server pool, the realm is LOCAL, and
# requests are not proxied to it.
}
to
#realm LOCAL {
# If we do not specify a server pool, the realm is LOCAL, and
# requests are not proxied to it.
#}
#realm LOCAL {
# If we do not specify a server pool, the realm is LOCAL, and
# requests are not proxied to it.
#}
3) Uncomment below lines and give ip address of the Radius server
#realm DEFAULT {
# authhost = radius.company.com:1600
# accthost = radius.company.com:1601
# secret = testing123
#}
to
realm DEFAULT {
authhost = 10.1.1.1
accthost = 10.1.1.1
secret = testing123
}
realm DEFAULT {
authhost = 10.1.1.1
accthost = 10.1.1.1
secret = testing123
}
4) The secret between Radius server and this relay is "testing123".
5) Start the server which should act as relay.
radiusd -X
Configuration on AP
For AP the Radius server is the immediate server i.e. here relay 10.2.1.2
User
Once users are defined properly in Linux PC 1, and setup is done, the users should get authenticated.