Freeradius on new SG-1100



  • Trying to install Freeradius and from the beginning the service would not start.
    out of radiusd -X give me this.
    I verified that the file its looking for doe not exist. I tried uninstall and re-install.
    Any ideas?

    tls-config tls-common {
    verify_depth = 0
    ca_path = "/usr/local/etc/raddb/certs"
    pem_file_type = yes
    private_key_file = "/usr/local/etc/raddb/certs/server_key.pem"
    Unable to check file "/usr/local/etc/raddb/certs/server_key.pem": No such file or directory
    rlm_eap_tls: Failed initializing SSL context
    rlm_eap (EAP): Failed to initialise rlm_eap_tls
    /usr/local/etc/raddb/mods-enabled/eap[2]: Instantiation failed for module "eap"


  • Rebel Alliance Developer Netgate

    Go to the EAP tab, make sure you select a server certificate there, save, and then see what happens.



  • Thanks for the reply.
    2c8cac5e-2acc-4408-9441-4f547ffbe078-image.png

    Service still wont start.

    Cannot create temporary FreeRADIUS certificate. Visit Services > FreeRADIUS > EAP tab and configure server certificates in the 'Certificates for TLS' section: error:0E06D06C:configuration file routines:NCONF_get_string:no value @ 2019-06-11 11:58:50


  • Rebel Alliance Developer Netgate

    SSL Server Certificate is set to None, try picking a certificate from the list. Or create your own CA/Cert and select it.



  • Your the man!!
    I picked a vpn cert. I went to the CA cert page and see the FreeRadius but under certs showing 0. Is there a way to regenerate the one for FreeRadius?
    2ecd7c30-2090-421a-9ed7-c467b8d2362b-image.png


  • Rebel Alliance Developer Netgate

    That is just an automatic one that should generate itself for convenience. It is much better to make your own.


Log in to reply