What is AAA in networking? The acronym AAA stands for “Authentication, Authorization, and Accounting” . It defines an architecture which authenticates and grants authorization to users and, and afterwards accounts for their act...
8 Most common RADIUS mistakes We see a lot of questions on the FreeRADIUS mailing list and from our clients that boil down to “RADIUS isn’t working. Can you tell me why?” . Most of the time, the problem isn’t with RADIUS itself, i...
Why your RADIUS server should run in a VM Your network can go down for really simple reasons. A junior system admin might inadvertently type the wrong thing into a command line, or a minor upgrade can break some obscure dependency between lib...
What does a "Shared secret is incorrect" error mean? The root cause for both messages is the same, and is unambiguous: The shared secret on the RADIUS server and the NAS are not the same . However, there can be some confusion because, depending on what ...
WiFi spoofing for fun and profit You can spend as much time as you want securing your RADIUS server infrastructure and the rest of your network. But are you really secureagainst WiFi spoofing attacks? In this article, we show just ho... Network Security Best Practices Security Threats and Vulnerabilities
The FreeRADIUS getting started guide After an administrator installs FreeRADIUS for the first time, the big question is “Now what?” Most sites need complex policies, interactions with databases, and logging. Yet the documentation for the... Network Security Best Practices
Virtual servers with FreeRADIUS Virtual servers provide a powerful way to define unique policies for different traffic sources . When policy rules for each traffic source are defined in their own separate configuration file, it’s a ...
Configuring FreeRADIUS authentication with PAP (Password Authentication Protocol) Introduction to PAP authentication Password Authentication Protocol (PAP) is one of the most fundamental authentication methods used in Remote Authentication Dial-In User Service (RADIUS). Despite bei... Network Security Best Practices Network Security Protocols
The FreeRADIUS Auth-Type attribute The FreeRADIUS Auth-Type attribute is often misunderstood and misused. There are actually very few situations where this attribute should be manipulated at all. Rule 1: Don’t use the Auth-Type attribu... Network Security Best Practices
Creating server certificates for FreeRADIUS Once the initial EAP testing has been performed, it's time to create the production-grade server certificates for your FreeRADIUS environment. These certificates form the foundation of secure communic... Network Security Best Practices
Configuring EAP for FreeRADIUS Once FreeRADIUS has been configured to use PAP , it is straightforward to configure the server to use EAP for authentication. This article will walk through all the necessary steps. Step 1: Install Op... Network Security Best Practices
Common EAP configuration problems and how to fix them If you have followed the steps for configuring EAP and are encountering problems, there are only a few things that go wrong. This article goes through the most common issues and how to fix them. Serve... Network Security Best Practices