Nethserver-freeradius integration module

alextunschi · March 9, 2021, 8:22am

Any chance on help in installing this module? It gives me the following error:
Loaded plugins: changelog, fastestmirror, nethserver_events
Loading mirror speeds from cached hostfile

ce-base: centos.mirror.server24.net
ce-extras: centos.mirror.server24.net
ce-sclo-rh: centos.mirror.server24.net
ce-sclo-sclo: centos.mirror.server24.net
ce-updates: centos.mirror.server24.net
epel: mirrors.nav.ro
nethforge: ketrax.eu
nethserver-base: ketrax.eu
nethserver-updates: ketrax.eu
No package nethserver-freeradius available.
Error: Nothing to do

Thank you!

stephdl · March 13, 2021, 4:00am

yum install https://mirror.de-labrusse.fr/NethDev/nethserver-freeradius/nethserver-freeradius-0.0.7-1.1.g29c2100.ns7.noarch.rpm

You cannot expect support of me for this rpm I just built and kept the sources for other like you

fausp · April 18, 2021, 1:55pm

Do you mean freeradius server service runs directly on OPNsense?

Andy_Wismer · April 18, 2021, 2:01pm

@fausp

Hi

Yes, it’s a plug-in, but fully integrated…

Anyone asked about LDAP / AD Integration?

fausp · April 18, 2021, 2:05pm

@ Andy_Wismer
Hi Andy, looks vy cool! I will test it immediately …

Andy_Wismer · April 18, 2021, 2:08pm

@fausp

I’m moving in the next ten days, but plan on using Radius for WiFi after moving…

fausp · April 18, 2021, 2:13pm

Maybe you can help me to write a HowTo for Nethserver AD / OPNsense Radius / WPA2 Enterprise Mode?

Andy_Wismer · April 18, 2021, 2:17pm

@fausp

Would be a good idea…

I had that before running, when still using SME Server…
But that wasn’t AD integrated, only MS NT Domain.

At the moment I have too many Home Entertainment stuff which requires WPS2 PSK - and these mostly can’t use WPA2 Enterprise… Bose, Sonos (Not sure?), but there are plenty out there…
So I’m getting another WLan-AP for Radius / WPA2-Enterprise…

Andy_Wismer · April 18, 2021, 2:18pm

One thing is sure though: Your NethServer AD needs a correct LE SSL cert…

I’ve prepped my AD, SSL works sofar well…

fausp · April 18, 2021, 2:26pm

Could also be a step in the HowTo…

fausp · April 18, 2021, 2:39pm

What do you think is better, to get and manage the LE-cert with OPNsense or with Nethserver? Or a mix of both, depending on the needs…?

danb35 · April 18, 2021, 3:03pm

Get and manage the cert on the device that’s going to use it if possible.

Andy_Wismer · April 18, 2021, 3:05pm

Always better and simpler… But not always possible or optimal…

danb35 · April 18, 2021, 3:14pm

Hence “if possible.” If it isn’t possible (or practical), as is the case with my Mikrotik switches, then you’ll need to come up with a way to get the cert somewhere else, and automatically deploy it to whatever’s going to use it. Lots of ways to do that, and there may not be one “right” answer.

Andy_Wismer · April 18, 2021, 3:17pm

@danb35

This looks interesting, for Microtik Routers (Switches too, eg if using vLans…):

Usually gives more options with the specific hw / sw…

fausp · April 18, 2021, 4:01pm

Andy_Wismer · April 18, 2021, 4:59pm

@fausp

Not really, never heard of the App…

One of the main “issues” with WPA2 (Enterprise) is for Windows the nead to use MS-Chapv2. Not the most secure thing - but it does work on most platforms supporting it…

danb35 · April 18, 2021, 5:01pm

The way for what? What potential problem or need would you be trying to address with this?

fausp · April 18, 2021, 5:05pm

The description is here:

danb35 · April 18, 2021, 5:07pm

Sure, I can see the description on their website. But why would you want to use it?