FreeRADIUS will require some file configuration before it can be used. This section will show what and how to edit the files.
Note: These instructions are provided as an example, and your environment will differ.
The RADIUS configuration file will most likely not require changes. This file location is /usr/lib/firewalld/services/radius.xml.
A Vendor Specific Attribute (VSA) is required when using FreeRADIUS. The VSA information needs to be added to the dictionary and user files.
-
Navigate to
/etc/raddb/dictionaryusing your preferred editor and open the dictionary file and add the information below. The lines may be added to the end of the dictionary file.# itential VENDOR Itential 47688 BEGIN-VENDOR Itential ATTRIBUTE Itential-Group 26 string END-VENDOR Itential -
Navigate to
/etc/raddb/userand open the user file to add the following information.testing Cleartext-Password := "password" Itential-Group = "admin" admin Cleartext-Password := "admin" Itential-Group = "pronghorn_admin" -
Navigate to the
etc/raddb/clients.confand open the client file. The clientlocalhostinformation should be adjusted to reflect the actual IP address for the production environment. The example provided does not need to be changed for a test environment.Figure 1: FreeRADIUS clients.conf File
