Welcome back for another episode of the ABC's of NSM.  What's NSM you say?  We'll go with Network and System Management, but you could throw Security in there as well.  We'll work our way through the alphabet over the next several weeks looking at tools and concepts along the way for all the administrators out there.  By the way, you can thank Joe for the format & Don for the title (I abc_2 couldn't for the life of me come up with one.)

Today's letter F is for FreeRADIUS, an open-source package allowing administrators to host a RADIUS (remote authentication dial in user service) protocol server.  RADIUS supports AAA--authentication, authorization, & accounting functions, and FreeRADIUS implements those functions well and does it for free, hence the name.  I like free, but I like free and powerful even better.  It supports all the features common to most RADIUS packages, but can also provide redundancy to the authentication calls to the database.  However, since this redundancy is just an ordered list, there is no health checking available.  If that's important to you, you could always just point your db calls to a vip on your BigIP, which will do the health checking to make sure your users need not wait for radius to work its way through the list.  Additional features supported by FreeRADIUS: the ability to prevent double logins, request proxying, & PAM.

If you're setting up a wireless hotspot with a captive portal, or using 802.1x in your user switch closets, or you want to allow Joe Admin full network access but Bob Manager read access only, then FreeRADIUS can help you.  The package is mostly limited to the *nix platforms, but it can also be compiled in your Cygwin environment.

 

Follow me on Twitter Follow me on LinkedIn Follow me on Facebook