Reputation: 34
freeRADIUS with LDAP SASL/Certificate based binding
I am working on freeRADIUS v1.1.7-r0.0.2 with LDAP as backend for authenticating users.
I want to configure freeRADIUS server with certificates instead of using usernames and passwords.
How to configure RADIUS+LDAP using SASL/Certificate based binding ?
Please guide me how to achieve this,is there any help/doc how to configure LDAP SASL bind for RADIUS Server.
Upvotes: 0
Views: 1023
Answers (1)
Reputation: 6065
Support for SASL binding was recently added in v3.0.x, both for administrative binds, and user binds, it's not available in previous versions.
See the SASL sections in the config here
Certificated based binding has always been supported. It's configured with the certificate_file and private_key_file config items.
You cannot pass the SSL tunnel through from something like an EAP conversation.
Upvotes: 0
Related Questions
- FreeRadius - Failed binding to authentication address
- Freeradius EAP-PEAP with LDAP
- FreeRadius rlm_ldap::ldap_groupcmp: ldap_get_values() failed
- Freeradius + Openldap ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user
- Group level authentication with FreeRadius - LDAP - FreeIPA
- Freeradius - No authenticate method found
- Freeradius server authentication issue
- FreeRadius + AD + static ip assignment
- How to configure FreeRADIUS with multiple ldap servers?
- Setup FreeRadius + ldap + single sign-on