The content of this topic has been archived on 5 May 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.
Has anyone tried to run FreeRadius or another radius server ON OpenWRT.
I was thinking of a Hotspot in a box:
Asus 520p/Fonera 2.0 + USB Storage + FreeRadius providing Hotspot via Chillispot (captive portal) & LEAP for WPA2 Enterprise auth. Having Dual SSID, one for Chillispot, and another for the WPA2
Anyone tried this????
So the problem with FreeRADIUS is, it wants to fork off a bunch of processes. This is not a problem on a basic Linux PC which has comparatively tons of RAM and some swap. The problem is your typical OpenWRT system does not have tons of RAM and has no swap. I think a 64 meg RAM system is the minimum I'd want to try this on. For this usage what is really needed is a RADIUS server that runs in a single process. It could be massively stripped down as FreeRADIUS does a lot of things that are frankly not needed in small shops.
I run NEARLY everything on 32 meg RAM WRT54GS v1.0 and WRTSL54GS units at some remote WISP sites. OpenVPN for a secure pipe back to mothership, ChilliSpot for the captive portal. Room left over for a few utilities. However these routers point back to a full Linux PC (well actually a tiny fit-PC Slim unit) that runs Ubuntu and hosts main website and RADIUS.
What I was looking for was yes, a massively stripped down version of FreeRadius or if someone has done some work along the lines of:
FreeRadiusLite + SQLite which would support EAP auth... however I am not sure how much load is put on the Radius server from (P/L)EAP(-TLS), but it would make for a very tidy solution to have it all on the local router.
I only want to have a pool of about 20 or so users, but using RADIUS so I can have individual logins via Chillispot or similar captive portal and / or associations via EAP using the same username and password, onto a different SSID with WPA2 enabled. This would also give accounting / quasi billing to monitor usage over the WIFI to make sure no one is being too excessive on the traffic front.
Check out Coova.org, it's an OpenWrt-based hotspot solution that sounds similar to what you want.
The discussion might have continued from here.