FreeRADIUS is a modular, high performance free RADIUS suite developed and distributed under the GNU General Public License, version 2, and is free for download and use. The FreeRADIUS Suite includes a RADIUS server, a BSD-licensed RADIUS client library, a PAM library, an Apachemodule, and numerous additional RADIUS related utilities and development libraries.[2]
In most cases, the word "FreeRADIUS" refers to the freeopen-source RADIUS server from this suite.
FreeRADIUS is the most popular open source RADIUS server[3] and the most widely deployed RADIUS server in the world.[3] It supports all common authentication protocols, and the server comes with a PHP-based web user administration tool called dialupadmin. It is the basis for many commercial RADIUS products and services, such as embedded systems, RADIUS appliances that support Network Access Control, and WiMAX. It supplies the AAA needs of many Fortune-500 companies, telcos, and Tier 1 ISPs. It is also widely used in the academic community, including eduroam. The server is fast, feature-rich, modular, and scalable.
History
FreeRADIUS was started in August 1999 by Alan DeKok and Miquel van Smoorenburg. Miquel had previously written the Cistron RADIUS server, which had gained widespread usage once the Livingston server was no longer being maintained. FreeRADIUS was started to create a new RADIUS server, using a modular design that would encourage more active community involvement.[citation needed]
As of November 2014, the FreeRADIUS Project has three Core Team members: Alan DeKok (Project Leader), Arran Cudbard-Bell (Principal Architect), and Matthew Newton.[4]
The latest major release is FreeRADIUS 3. FreeRADIUS 3 includes support for RADIUS over TLS, including RadSec, a completely rewritten rlm_ldap module, and hundreds of other minor consistency and usability enhancements. The latest mature version is maintained for stability rather than features.
The previous major release v2.2.x has entered the final phase of its lifecycle, and will now receive security fixes only [5]
A survey in 2006 showed that its user base totals 100 million people.[3]
Features
Modules included with the server core support LDAP, MySQL, PostgreSQL, Oracle, and many other databases. It supports all popular EAP authentication types, including PEAP and EAP-TTLS.[6] More than 100 vendor dictionaries are included, ensuring compatibility with a wide range of NAS devices.[7]
Version 2.0.0 added support for virtual hosting, IPv6, VMPS, and a new policy language that simplifies many complex configurations.
Administration tools
daloRADIUS: an advanced RADIUS web management application for managing hotspots and general-purpose ISP deployments. It features user management, graphical reporting, accounting, a billing engine, and integrates with OpenStreetMap for geolocation. The system is based on freeRADIUS with which it shares access to the backend database. [8]
phpRADminArchived 2015-02-07 at the Wayback Machine : a tool written in PHP intended to handle the administration and provisioning of FreeRADIUS over the Web with MySQL as backend.[9]
Dialup Admin: a powerful web interface written in PHP comes with FreeRADIUS to administer radius users. Dialup Admin supports users either in SQL (MySQL or PostgreSQL are supported) or in LDAP. No longer under active development.
ezRadius: web-based management app. The main aim is to provide radius server or hotspot administrator a simple web-based management application. FreeRADIUS must be configured to use MySQL as backend.
RADIUSdesk:RADIUSdesk has been developed since 2012 as tool to manage wireless Internet and has been under active development ever since.
PostgreSQL, also known as Postgres, is a free and open-source relational database management system (RDBMS) emphasizing extensibility and SQL compliance. PostgreSQL features transactions with atomicity, consistency, isolation, durability (ACID) properties, automatically updatable views, materialized views, triggers, foreign keys, and stored procedures. It is supported on all major operating systems, including Linux, FreeBSD, OpenBSD, macOS, and Windows, and handles a range of workloads from single machines to data warehouses or web services with many concurrent users.
Remote Authentication Dial-In User Service (RADIUS) is a networking protocol that provides centralized authentication, authorization, and accounting (AAA) management for users who connect and use a network service. RADIUS was developed by Livingston Enterprises in 1991 as an access server authentication and accounting protocol. It was later brought into IEEE 802 and IETF standards.
OpenLDAP is a free, open-source implementation of the Lightweight Directory Access Protocol (LDAP) developed by the OpenLDAP Project. It is released under its own BSD-style license called the OpenLDAP Public License.
IEEE 802.1X is an IEEE Standard for port-based network access control (PNAC). It is part of the IEEE 802.1 group of networking protocols. It provides an authentication mechanism to devices wishing to attach to a LAN or WLAN.
The following tables compare general and technical information for a number of relational database management systems. Please see the individual products' articles for further information. Unless otherwise specified in footnotes, comparisons are based on the stable versions without any add-ons, extensions or external programs.
The Protected Extensible Authentication Protocol, also known as Protected EAP or simply PEAP, is a protocol that encapsulates the Extensible Authentication Protocol (EAP) within an encrypted and authenticated Transport Layer Security (TLS) tunnel. The purpose was to correct deficiencies in EAP; EAP assumed a protected communication channel, such as that provided by physical security, so facilities for protection of the EAP conversation were not provided.
Extensible Authentication Protocol (EAP) is an authentication framework frequently used in network and internet connections. It is defined in RFC 3748, which made RFC 2284 obsolete, and is updated by RFC 5247. EAP is an authentication framework for providing the transport and usage of material and parameters generated by EAP methods. There are many methods defined by RFCs, and a number of vendor-specific methods and new proposals exist. EAP is not a wire protocol; instead it only defines the information from the interface and the formats. Each protocol that uses EAP defines a way to encapsulate by the user EAP messages within that protocol's messages.
In computing, a solution stack or software stack is a set of software subsystems or components needed to create a complete platform such that no additional software is needed to support applications. Applications are said to "run on" or "run on top of" the resulting platform.
A LAMP is one of the most common software stacks for the web's most popular applications. Its generic software stack model has largely interchangeable components.
strongSwan is a multiplatform IPsec implementation. The focus of the project is on authentication mechanisms using X.509 public key certificates and optional storage of private keys and certificates on smartcards through a PKCS#11 interface and on TPM 2.0.
Catalyst is an open-source web application framework written in Perl. It closely follows the model–view–controller (MVC) architecture and supports a number of experimental web patterns. It is written using Moose, a modern object system for Perl. Its design is heavily inspired by frameworks such as Ruby on Rails, Maypole, and Spring.
Internet Authentication Service (IAS) is a component of Windows Server operating systems that provides centralized user authentication, authorization and accounting.
WiFiDog was an open source embeddable captive portal solution used to build wireless hotspots. It is no longer an active project after not being updated for several years.
Silverstripe CMS is a free and open source content management system (CMS) and framework for creating and maintaining websites and web applications. It provides an out of the box web-based administration panel that enables users to make modifications to parts of the website, which includes a WYSIWYG website editor. The core of the software is Silverstripe Framework, a PHP Web application framework.
EGroupware is free open-source groupware software intended for businesses from small to enterprises. Its primary functions allow users to manage contacts, appointments, projects and to-do lists. The project releases its software under the terms of GNU General Public License (GPL).
Tryton is a three-tier high-level general purpose computer application platform on top of which is built an enterprise resource planning (ERP) business solution through a set of Tryton modules. The three-tier architecture consists of the Tryton client, the Tryton server and the database management system.
ProFTPD is an FTP server. ProFTPD is Free and open-source software, compatible with Unix-like systems and Microsoft Windows . Along with vsftpd and Pure-FTPd, ProFTPD is among the most popular FTP servers in Unix-like environments today. Compared to those, which focus e.g. on simplicity, speed or security, ProFTPD's primary design goal is to be a highly feature rich FTP server, exposing a large amount of configuration options to the user.
Dolibarr ERP CRM is an open source, free software package for companies of any size, foundations or freelancers. It includes different features for enterprise resource planning (ERP) and customer relationship management (CRM) but also other features for different activities.
multiOTP is an open source PHP class, a command line tool, and a web interface that can be used to provide an operating-system-independent, strong authentication system. multiOTP is OATH-certified since version 4.1.0 and is developed under the LGPL license. Starting with version 4.3.2.5, multiOTP open source is also available as a virtual appliance—as a standard OVA file, a customized OVA file with open-vm-tools, and also as a virtual machine downloadable file that can run on Microsoft's Hyper-V, a common native hypervisor in Windows computers.
This page is based on this Wikipedia article Text is available under the CC BY-SA 4.0 license; additional terms may apply. Images, videos and audio are available under their respective licenses.
