Freeradius module

[armalite@…]

I don't know if it has been asked before (a fast search shows nothing), but I'd like to see in Ebox a Radius module, specifically for Freeradius, the most used (AFAIK) open source radius server, for wireless authentication purposes. The module in its starting version should ask for:

• access point ip address and shared secret;
  

• list of users (taken from users module) that can (or can't) login via wireless. So, EAP-PEAP should be correct for userid/password authentication. Not sure though if this is the correct place to put this simple ACL. Maybe an external module that associates user-service should work well too;
  

• a CA certificate, a Server certificate in order to let EAP-TLS authentication (which is certificate-driven) work. That way, distributing certificates to clients will let them authenticate on wlan. A problem should be certificate generation, since wireless certificates needs something special aside "normal" certificates, as stated in many eap-tls howtos found on internet.
  

This should be good for having a working, single access point radius configuration. Future version could include multiple access points, better ACL (groups, access points), logging and accounting.

Freeradius uses files, LDAP or mysql/postgresql for users and access point configuration.

[armalite@…]

Radius Module

[anonymous]

I made an initial Radius module, it only configures one Access Point. No users configuration and maybe some bugs, i'll work on it when i'll have some spare time. The module is based on ntp. The only thing i didn't understand is the "enable/disable", disabling radius (and also other modules) doesn't lead to disabling the daemon. Maybe I'm missing something here.

If you need the .deb I can upload it.

[ejhernandez@…]

Thanks very much for your initial effort! We are currently a little lack of time. Anyway, any help you may need, we can provide it ;).

[juruen@…]

Moved to wishlist wiki page