Thanks for your reply, Fajar. In your example, is the wireless access point the "client" that I've seen referred to in some of the FreeRADIUS documentation? If yes, then I would have these three "clients": 1. Apache web server 2. Open-Xchange server (java-based) 3. Postfix + Dovecot mail server
So, my "clients" should pass a userid/password to FreeRADIUS and receive back an accept or reject from FreeRADIUS? Thomas -----Original Message----- From: freeradius-users-bounces+thomas_reeves=verizon....@lists.freeradius.org [mailto:freeradius-users-bounces+thomas_reeves=verizon....@lists.freeradius. org] On Behalf Of Fajar A. Nugraha Sent: Monday, July 05, 2010 1:44 AM To: FreeRadius users mailing list Subject: Re: What Next?? On Mon, Jul 5, 2010 at 12:20 PM, Thomas Reeves <[email protected]> wrote: > I have a FreeBSD-based gateway server running pfSense software. > I want to authenticate and authorize all incoming http(s) requests before > allowing access to any back-end services. > > However, I seemed to have missed something fundamental about the FreeRADIUS > server what do I do next?? How do I attach FreeRADIUS to the inbound > TCP stream to accept/reject requests?? That question would be better addressed to pfSense support/discussion list. radius does not really care what the end usage is, it simply provides Authentication, Authorization, and Accounting (AAA). Here's a similar example: you can limit which users are allowed to use wireless network on your office by listing the users and their respective password on a radius server. But to get the actual limitation to work, you need to configure your wireless access point to "ask" radius whether a particular user/password combination is allowed. Does this make sense so far? -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
