OPNsense Forum
Archive => 17.7 Legacy Series => Topic started by: sens_ible on October 12, 2017, 07:07:00 am
-
I have installed the freeradius plugin and so far everything seems to work fine.
I would like to trace radius authentication in more detail. In particular, I want to know details about unauthorised authentication attempts.
Is there a way to log the combination of user name and MAC address which is used for an authentication attempt? I think it might be in the logfile.
Can I log radius activities via the GUI?
Or can I inspect the radius logfile via the GUI (or via a convenient api call ;-) )?
Is there a way to backup the radius logfiles for later analysis?
It would be extremely convenient to have them emailed regularly but it would also be fine to backup them regularly on google drive, preferably encrypted.
-
For external backup you should use remote syslog. For the other things I'll have a look the next days. Not sure if MAC is also logged.
-
In order to log authorisation requests, one has to enable it in the radiusd.conf, log section, "auth = yes". I think the entries should include the MAC address.
However, I do not know if the radiusd.conf will be overwritten by an OPNsense template when I edit it manually.
-
We actually restructure it, be patient :)
-
My second name is "patience" :)
Actually, I set the entry in the conf file to "yes" and it really logs username and MAC address. So you will not work in vain ;)
-
Is it also possible to set it in site-enabled? I don't like to touch radiusd.conf ...
If yes, I'll add a button for ... just for you 8) :-*
-
Is it also possible to set it in site-enabled? I don't like to touch radiusd.conf ...
Where can I do this? Is there another config file for that?
If yes, I'll add a button for ... just for you 8) :-*
Well, that's what I expected. Finally it is a <bad_joke> PERSONAL firewall </bad_joke> ::)
No seriously, thanks a lot for your support!!!
-
This week this will be finished :)