Daily Archives: January 11, 2017


Only the parameters which are changing listed, the other parts of the file should be leaved intact.   /private/etc/raddb/attrs … DEFAULT Tunnel-Type == VLAN, Tunnel-Medium-Type == IEEE-802, Tunnel-Private-Group-Id =* ANY, …   /private/etc/raddb/radiusd.conf … max_request = 16384 proxy_requests = no $INCLUDE clients.conf …     /private/etc/raddb/eap.conf … default_eap_type = peap #gtc […]

PEAP configuration for freeradius and opendirectory


802.1x supplicants can be monitored and logged with mySQL and a simple php code. “Allow network connection” permission is required for mySQL connection.   mySQL root password also can be asssinged at this moment. from mySQL CLI interface an additional configuration is required as written below:   servername root#mysql –uroot –pabc123 mysql>CREATE DATABASE radius; […]

Log management with mySQL for 802.1x




MAC IDs can be used as an alternate authentication. On most of the vendors LAN switches, it is possible to use MAC authentication even 802.1x port based authentication is enabled on the same physical port. But Unauthenticated-VID can only configurable for MAC authentication most of the time. In case of a successful […]

MAC authentication with free radius



There are tools to create a Certification Authority and processing certificates in OpenSLL installation. Below you can find the steps to create a CA, a Radius server certificate and an IP Phone certificate. If your IP phones have no real time clock, you can change your servers clock temporarly to […]

Creating Certificates with OpenSSL