* xref:index.adoc[Introduction]
** xref:getstarted.adoc[Getting Started]
*** xref:debugging/radiusd_X.adoc[Debugging]
-*** xref:debugging/startup.adoc[Startup ]
-*** xref:debugging/processing.adoc[Processing Packets]
+**** xref:debugging/startup.adoc[Startup Text]
+**** xref:debugging/processing.adoc[Processing Packets]
*** xref:gethelp.adoc[Getting Help]
** xref:bestpractices.adoc[Best Practices]
*** xref:trouble-shooting/eap_certificates.adoc[EAP Certificates]
-# Packet Processing
+# Processing Packets
+
+include::ROOT:partial$v3_warning.adoc[]
Each line (or most of them) of the packet processing output starts with a request number, e.g. `(0)`. This number lets you track debug messages which are all for one packet. Messages from different packets may be inter-mingled, due to threading or proxying. Prefixing the messages with a number allows the messages to be easily differentiated.
# Startup text
+include::ROOT:partial$v3_warning.adoc[]
+
We start the server with *`-X`*. This option gives us the best combination of useful output, and readable output. Adding more `-x` gives *more complex output*, not *more useful output*.
$ radiusd -X 2>&1 | tee debugfile
--- /dev/null
+[WARNING]
+====
+This section has NOT been updated for v4 and the information may be obsolete. Contact https://www.inkbridgenetworks.com/[InkBridge Networks] for more details.
+====
* xref:index.adoc[Howto Guides]
-** xref:howto:installation/index.adoc[Installing and Upgrading]
+** xref:howto:installation/index.adoc[Install and Upgrade]
*** xref:howto:installation/dependencies.adoc[Dependencies]
*** xref:howto:installation/packages.adoc[Install from Packages]
*** xref:howto:installation/source.adoc[Build from Source]
**** xref:howto:installation/debian.adoc[Debian and Ubuntu]
**** xref:howto:installation/redhat.adoc[RedHat and Rocky]
**** xref:howto:installation/osx.adoc[OSX]
-*** xref:howto:installation/upgrade.adoc[Upgrading from v3 to v4]
+*** xref:howto:installation/upgrade.adoc[Upgrade from v3 to v4]
**** xref:howto:installation/attribute_names.adoc[Attribute Name Changes from v3 to v4]
-** xref:modules/configuring_modules.adoc[Configuring Modules]
+** xref:modules/configuring_modules.adoc[Configure Modules]
*** xref:modules/chap/index.adoc[CHAP]
*** xref:modules/eap/index.adoc[EAP]
*** xref:modules/expiration/index.adoc[Expiration]
## Configure the Server
- include::partial$config_server.adoc[]
+include::partial$config_server.adoc[]
+
[WARNING]
====
== Install from packages
+include::ROOT:partial$v3_warning.adoc[]
+
https://www.inkbridgenetworks.com/[InkBridge Networks] provides pre-built binary packages of FreeRADIUS for common Linux distributions. This is the recommended installation method when packages are available for your system.
The official https://packages.inkbridgenetworks.com/[InkBridge Networks
-== Building from Source
+== Build from Source
-We recommend xref:howto:installation/packages.adoc[installing from packages] if
-possible. Full instructions on building and installing from source
+We recommend that you xref:howto:installation/packages.adoc[install from packages] if possible. Full instructions on building and installing from source
code follow.
The hard xref:howto:installation/dependencies.adoc[dependencies]
The initial output from running in xref:ROOT:debugging/radiusd_X.adoc[debugging mode]
will tell you which configuration files are being used. See
- xref:howto:installation/upgrade.adoc[upgrading] for information about
-upgrading from older versions. There _may_ be changes in the
+ xref:howto:installation/upgrade.adoc[upgrade from v3 to v4] for more information. There _may_ be changes in the
dictionary files which are required for a new version of the
software. These files will not be installed over your current
configuration, so you *must* verify and install any problem files by
major versions of the server. For example - version 2 to version 3, or
version 3 to version 4.
-For details on what has changed between the version, see xref:howto:installation/upgrade.adoc[Upgrading from v3 to v4].
+For details on what has changed between the version, see xref:howto:installation/upgrade.adoc[upgrade from v3 to v4].
We _strongly_ recommend that new major versions be installed in a
different location than any existing installations. Any local policies
-= Upgrading from v3 to v4
+= Upgrade from v3 to v4
The configuration for v4 is _somewhat_ compatible with the v3
configuration. It should be possible to reuse most of a v3
-= Configuring a Module
+= Configure Modules
The configuration files in
xref:reference:raddb/mods-available/index.adoc[mods-available/] file describe
= Extensible Authentication Protocol (EAP)
+include::ROOT:partial$v3_warning.adoc[]
+
== Introduction
Extensible Authentication Protocol(EAP), `RFC 3748`, is an authentication
= rlm_mschap
+include::ROOT:partial$v3_warning.adoc[]
+
The mschap module provides support for `MS-CHAPv1` and `MS-CHAPv2`, which is
a common authentication mechanisms for Microsoft clients.
= Python
+
== Introduction
FreeRADIUS can call Python scripts in order to utilize third party libraries
+=Configure Server
+
Changing the server configuration should be done via the following
steps:
- read the *entire* debug output, looking for words like `error`
or `warning`. These messages usually contain descriptions of
what went wrong, and suggestions for how it can be fixed.
- See xref:debugging/radiusd_X.adoc[an explanation of the debug output] for more details;
+ See xref:ROOT:debugging/radiusd_X.adoc[an explanation of the debug output]
- try replacing your configuration with a saved copy of a "known
working" configuration, and start again. This process can clean
up errors caused by temporary edits, or edits that you have
= Accounting Requests
+include::ROOT:partial$v3_warning.adoc[]
+
+[NOTE]
+======================================================================
+The `radlast` and `radwho` programs are no longer included with the
+server in v4.
+
+The `radutmp` module is no longer included with the server.
+We recommend using sqlite instead of flat-text databases.
+======================================================================
+
*Goal*: To send the server accounting requests and to have the server
log the accounting requests.
*Modules:* detail
-[NOTE]
-======================================================================
-This documentation is out of date for v4, and needs to be fixed.
-
-The `radlast` and `radwho` programs are no longer included with the
-server.
-The `radutmp` module is no longer included with the server.
-We recommend using sqlite instead of flat-text databases.
-======================================================================
In addition to authorization and authentication, one of the primary roles of a
= Using the Autz-Type attribute
+include::ROOT:partial$v3_warning.adoc[]
+
*Goal:* To control which authorization modules are executed for an
`Access-Request`
= Custom Dictionaries and Attributes
+include::ROOT:partial$v3_warning.adoc[]
+
*Goal:* To understand how the dictionaries affect the server and to create
a new vendor-specific dictionary with a number of custom attributes; also, to test those attributes in the server.
= EAP-TLS: Certificate-based authentication
+include::ROOT:partial$v3_warning.adoc[]
+
*Goal:* To configure the server to use the EAP-TLS authentication
protocol and to send and receive test packets.
= EAP-TTLS: Tunneled authentication
+include::ROOT:partial$v3_warning.adoc[]
+
*Goal:* To configure the server to use the EAP-TTLS authentication
protocol and to send and receive test packets.
= Group Project - Simulating a production service
+include::ROOT:partial$v3_warning.adoc[]
+
*Goal:* To create a simulated, federated, production service
*Time:* 2-3 hours
= Module Fail-Over
+include::ROOT:partial$v3_warning.adoc[]
+
*Goal:* To configure the server to use a "backup" module if a
"primary" module fails.
= Multiple instances of a module
+include::ROOT:partial$v3_warning.adoc[]
+
*Goal:* To configure the server to have multiple instances of a module.
*Time:* 10-20 minutes
= A simple pre-paid example
+include::ROOT:partial$v3_warning.adoc[]
+
+
*Goal:* To implement a simple "prepaid" functionality in the server.
*Time:* 15-25 minutes
= Configuring a server to proxy requests
+include::ROOT:partial$v3_warning.adoc[]
+
*Goal:* To configure the server to proxy packets to a remote (home)
RADIUS server and to perform test authentications against both the
proxy server and the home server.
= Proxy Fail-over
+include::ROOT:partial$v3_warning.adoc[]
+
*Goal:* To configure a "backup" home server that is used when the
"primary" home server fails.
= Proxy Load Balancing
+include::ROOT:partial$v3_warning.adoc[]
+
*Goal:* To configure a server to load-balanceproxied requests across
multiple home servers.
= Configuring a server to send and receive proxy requests
+include::ROOT:partial$v3_warning.adoc[]
+
*Goal:* To configure the server to proxy packets to a remote (home)
RADIUS server and to receive packets from another proxy server.
= Communicating with an SQL database
+include::ROOT:partial$v3_warning.adoc[]
+
*Goal:* To configure the server to communicate with an SQL database.
*Time:* 25-40 minutes.
= Splitting strings
+include::ROOT:partial$v3_warning.adoc[]
+
*Goal:* Explore uses of regular expressions and subcapture groups
*Time:* 10-20 minutes
= Update blocks and simple conditions
+include::ROOT:partial$v3_warning.adoc[]
+
*Goal:* Explore uses of update blocks in the policy language
*Time:* 10-25 minutes
= Virtual Servers
+include::ROOT:partial$v3_warning.adoc[]
+
*Goal:* To understand how to create and use a new virtual server.
*Time:* 20-30 minutes
projects / thirdparty / freeradius-server.git / commitdiff
