not logged in | [Login]

Wiki Home

This Wiki

This Wiki is now hosted on a FreeRADIUS project server, with a gollum front end backed by "git". It is now easier to login and make changes. Please see the New Wiki Page for details.

A read only version of the wiki can be checked out using git:

git clone git://git.freeradius.org/wiki.freeradius.org.git

Overview

FreeRADIUS is a modular, high performance and feature-rich RADIUS suite including server, radius client, development libraries and numerous additional RADIUS related utilities.

As the premiere open source RADIUS suite it is included as a standard package with numerous Operating Systems, has binary packages for many others and has source available which is known to build on almost anything. Production deployments include large scale installations comprising multiple AAA servers with over ten million users and millions of requests per day. It supports request proxying, with fail-over and load balancing, as well as the ability to access many types of back-end databases. Different classes of authentication requests can trigger access of different authentication and authorization databases (with cascaded fall back), and Accounting records can be simultaneously recorded in multiple different storage databases and directories.

Other RADIUS Servers are available.

We also keep a list of acknowledgements of contributions to FreeRADIUS development.

Features

  • Complete support for RFC 2865 and RFC 2866 attributes.
  • EAP with EAP-MD5, EAP-SIM, EAP-TLS, EAP-TTLS, EAP-PEAP, and Cisco LEAP EAP sub-types
  • Vendor Specific Attributes for almost one hundred vendors, including BinTec, Foundry, Cisco, Juniper, Lucent/Ascend, HP ProCurve, Microsoft, USR/3Com, Acc/Newbridge and many more.

All known RADIUS Clients are supported.

Flexible Configuration

FreeRADIUS provides a wide range of methods to select user configurations. The server can select a configuration based on any of the following criteria :

  • attributes which have a given value
  • attributes which do not have a given value
  • attributes which are in the request (independent of their value)
  • attributes which are not in the request
  • String attributes which match a regular expression
  • Integer attributes which match a range (e.g. , =)
  • Source IP address of the request. (This can be different from the NAS-IP-Address)
  • Shortname defined for a NAS box. (This can be different from the NAS-Identifier)
  • Group of NAS boxes. (These may be grouped based on Source IP address, NAS-IP-Address, or any other configuration)
  • User-Name
  • DEFAULT template configuration
  • multiple cascading DEFAULT template configurations

In addition, FreeRADIUS supports virtual servers which allow several separate sets of configuration data to coexist inside the same server instance.

Documentation

Beginners are strongly recommended to read the short concepts page, which provides a very light overview of how the server works.

This wiki collects a large amount of documentation relating to glossary together in one place. Pages of particular interest to newcomers will be the FAQ and HOWTO sections, although the Traditional FreeRADIUS docs page includes "man" pages, and other documentation.

There are many third-party web sites and HOWTO's that give advice on FreeRADIUS. They are usually years out of date, and refer to old versions. The advice that they give is also wrong. We strongly recommend that you avoid most third-party documentation.

The following is an overview of the types of information available:

Contributing

FreeRADIUS is an open source project and as such depends on contributions from its users. Even if you don't know C you can still contribute to the project by editing documentation on the wiki, posting bugs on GitHub or helping out on the users mailing list.

If you are comfortable coding in C and have a patch or new module you'd like to see included in the main distribution, please see the submitting patches via GitHub page for instructions on generating a 'pull request'.

For major refactoring and new modules, add an issue to GitHub, so that the core project team can comment on the proposed work.

Bug reports

If you find an issue in the server please report it so that it can be fixed in a future release. The procedure for reporting defects can be found here.