Authentication in external freeradius
-
Hello.
How do I configure my index.html page, default page of the captive portal, to authenticate users on an external radius (IP: 192.168.0.1).
My radius is connected to a mysql database, raddb bench, table radcheck.
I used the following link to configure freeradius: http://dcamero.azurewebsites.net/freeradius-daloradius.html
Thanks in advance.
-
Ok.
Nice.
Is there a question ? -
@cesarufmt:
How do I configure my index.html page, default page of the captive portal, to authenticate users on an external radius (IP: 192.168.0.1
You don't. You configure this on the captive portal config page.
-
Thanks for the answers.
I pointed the radius to an IP LAN where the radius is connected with MySQL on a Ubuntu machine. I created a test user Radius. I checked in MySQL and the user was created in the bank and correct table. But the test appears:
"In RADIUS valid responses received"
Note: testing locally on the server ubuntu radtest the works OK.
-
@cesarufmt:
But the test appears:
"In RADIUS valid responses received"
Note: testing locally on the server ubuntu radtest the works OK.
I'm not sure where you're seeing this, but if you're getting a message somewhere suggesting the response is valid, doesn't that mean it's working?
-
Ready. It worked.
Lacked create client configuration and give permission for the PfSense IP in the radius server.
Thank you for your help.
:) 8)
-
I hate it not having details when a solution is provided.
I run into this same issue when I was trying to get captive portal to authenticate to an external freeradius server I had setup on a different lan and this is how I figured it out
- test the user/locally on your radius server and ensure you have the right user/pass combo
- first ensure that your client and your pfsense box is able to ping the external radius server. that's obvious. if having problems check your firewall logs, rules and if needed whitelist the radius server in your captive portal configuration.
- get freeradius started in debug mode on your external radius server
a. first turn off the service and then start it backup again using either radiusd -x or freeradius -X on your external radius server and ensure you get the prompt to see the requests as they come in. - try to authenticate to the server from the client.. I was using captive portal so I tried with a know good user
- check the console on your radius server to see where the request is coming and why is being ignored or rejected.
my particular problem was that I set te client.conf file on the radius server with the ip address of the lan where I setup captive portal and I should've set up the ip address of interface facing the radius server instead. this was obvious once I saw the authentication request being ignored while in debug mod by the radius server as they were not coming from the ip I set up in the client.conf.
Hope this helps some one
