FreeRADIUS | Add two factor authentication to FreeRADIUS via privacyIDEA | Authentication library

I am currently facing a problem within my Radius configuration and wanted to ask you for help.

I'am using the FreeRadius-Version 3.0.23

Within the authorize section in radiusd.conf I am trying to create the following unlang expression.

I have users in the following format:

I would like to test 802.1X function for an Ethernet Switch (NAS). I have a Workstation (Windows 10) and an Ubuntu server : I want to test EAP-MSCHAPv2.

I see a tutorial to configure FreeRADIUS : https://wiki.freeradius.org/guide/FreeRADIUS-Active-Directory-Integration-HOWTO

Problem is I don't have a Windows server. Is it possible to test EAP-MSCHAPv2 without it ? How to configure FreeRADIUS ? ... I just want to test a static configuration with one login+password.

Currently my FreeRADIUS works with EAP-MD5 : I already created user profile and NAS config

Can you please help me insert my bash script into freeradius. I would like to start my script each time a user is allowed access via freeradius to my network.

I tried to insert my script into queries (/etc/freeradius/3.0/mods-config/sql/main/mysql/queries.conf), but the script is not invoked.

If you have any idea on how to do this please let me know.

Thank you in advance!

The documentation of FreeRADIUS tells us to run radiusd -X to debug FreeRADIUS.

However, this daemon is not available in Debian:

I did a new installation of PFSense, with version 2.5, where I installed FreeRadius 3 that works together with MySQL for Captive Portal. Since version 2.4, the MySQL radacct table is empty. I can see the logs in /var/log/radacct/{IP}, but what I need is for them to be registered in the MySQL table. I've done a lot of research and I couldn't find a solution. I request your help and thank you very much in advance.

What is the proper/recommended method to pass data between the callbacks in a C module in FreeRADIUS?

For example, I want to create a unique request_id for the request and use it for all log entries during that request. If I create this value inside mod_authorize, how do I pass it over to mod_authenticate on the same request thread, and how do I retrieve it?

I have the following salt state:

I installed FreeRadius 3 on CentOS 7. I got this error message:

Instantiating module "post_proxy_log" from file /etc/raddb/mods-enabled/detail.log /etc/raddb/mods-config/sql/main/oracle/queries.conf[28]: Failed parsing expanded string: /etc/raddb/mods-config/sql/main/oracle/queries.conf[28]: ...ed-IP-Address}','%{Service-Type}','%{Acct-Input-Octets:-0}','%{Acct-Output-Octets:-0}','%{NA... /etc/raddb/mods-config/sql/main/oracle/queries.conf[28]: ^ Unknown module

The Acct-Input-Octets considered as Unknown Module. I enabled "redis" and "rediswho" and installed redis-server. even I think that "redis" is not the module that I missed.

Why FreeRadius can not deal with "Acct-Input-Octets"? What is the required module in mods-enabled that I should activate to use "Acct-Input-Octets"?

I have many users doing Authentication + Accounting packet sent from Network Device [LNS] to freeradius server.

in the accounting packet, client send's how much KB used in their current session.

I have a limit for each user and this limit gets decreased on each accounting packet sent and i stop the user when their limit is reached .

how can I exclude certain URLs from being added into Accounting Packet .