You can find all mentioned configuration files as a GitHub template to easily deploy the solution:

Link to GitHub Repo (nicolonsky/AAD-FreeRadius-802.1x)

Issue self-signed certificate

A self-signed certificate can be issued with:

# If the OCSP Responder address is not extracted from
# the certificate, the URL can be defined here.

Because the GitHub repo contains a docker-compose file and a Dockerfile, we can automatically build the image (basically just copying config) and spin up a container - that's awesome, isn't it?

Creating a Wi-Fi network with 802.1x authentication

On my UniFi router I added a new RADIUS Profile (I also added the accounting parts, this is not necessary, though):

Created a lab network and corresponding Wi-Fi SSID with WPA2 Enterprise authentication.
I distributed the self-signed certificate of the RADIUS server via Intune as a trusted certificate.
For the ADCS based deployment the root and issuing CA certificates need to be deployed anyway to allow issuance of certificates for SCEP clients.
Deployed the Wi-Fi profile for my previously created lab SSID/Network.
Create a DNS record that points to the Docker host (A or CNAME): and also the configured server name of the Wi-Fi profile.

To test the RADIUS functionality you can also extend your docker-compose file to launch the freeRADIUS server in foreground mode by adding:

This prints all client connection requests and server activity to the console.

During testing and for troubleshooting during operation, it can be helpful to connect into the Docker container to view the logs:

Connect into container: docker exec -it aad-freeradius-8021x-radius-1 bin/bash
View Radius logs: tail opt/var/log/radius/radius.log

The freeRADIUS deployment with Docker provides a quick and robust way to deploy a RADIUS server with capabilities to authenticate Azure AD joined devices.