OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 17.7 Legacy Series »
  • Logging freeradius actions
« previous next »
  • Print
Pages: [1]

Author Topic: Logging freeradius actions  (Read 4071 times)

sens_ible

  • Newbie
  • *
  • Posts: 22
  • Karma: 0
    • View Profile
Logging freeradius actions
« on: October 12, 2017, 07:07:00 am »
I have installed the freeradius plugin and so far everything seems to work fine.

I would like to trace radius authentication in more detail. In particular, I want to know details about unauthorised authentication attempts.

Is there a way to log the combination of user name and MAC address which is used for an authentication attempt? I think it might be in the logfile.

Can I log radius activities via the GUI?

Or can I inspect the radius logfile via the GUI (or via a convenient api call ;-) )?

Is there a way to backup the radius logfiles for later analysis?

It would be extremely convenient to have them emailed regularly but it would also be fine to backup them regularly on google drive, preferably encrypted.
Logged

mimugmail

  • Hero Member
  • *****
  • Posts: 6336
  • Karma: 435
    • View Profile
Re: Logging freeradius actions
« Reply #1 on: October 12, 2017, 09:35:16 am »
For external backup you should use remote syslog. For the other things I'll have a look the next days. Not sure if MAC is also logged.
Logged
Twitter: mimu_muc
WWW: www.routerperformance.net
Support plans: https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German): https://opnsense.max-it.de/

sens_ible

  • Newbie
  • *
  • Posts: 22
  • Karma: 0
    • View Profile
Re: Logging freeradius actions
« Reply #2 on: October 12, 2017, 08:09:18 pm »
In order to log authorisation requests, one has to enable it in the radiusd.conf, log section, "auth = yes". I think the entries should include the MAC address.

However, I do not know if the radiusd.conf will be overwritten by an OPNsense template when I edit it manually.
Logged

mimugmail

  • Hero Member
  • *****
  • Posts: 6336
  • Karma: 435
    • View Profile
Re: Logging freeradius actions
« Reply #3 on: October 12, 2017, 08:31:28 pm »
We actually restructure it, be patient :)
Logged
Twitter: mimu_muc
WWW: www.routerperformance.net
Support plans: https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German): https://opnsense.max-it.de/

sens_ible

  • Newbie
  • *
  • Posts: 22
  • Karma: 0
    • View Profile
Re: Logging freeradius actions
« Reply #4 on: October 12, 2017, 09:41:12 pm »
My second name is "patience"  :)

Actually, I set the entry in the conf file to "yes" and it really logs username and MAC address. So you will not work in vain  ;)
Logged

mimugmail

  • Hero Member
  • *****
  • Posts: 6336
  • Karma: 435
    • View Profile
Re: Logging freeradius actions
« Reply #5 on: October 12, 2017, 10:09:54 pm »
Is it also possible to set it in site-enabled? I don't like to touch radiusd.conf ...
If yes, I'll add a button for ... just for you  8) :-*
Logged
Twitter: mimu_muc
WWW: www.routerperformance.net
Support plans: https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German): https://opnsense.max-it.de/

sens_ible

  • Newbie
  • *
  • Posts: 22
  • Karma: 0
    • View Profile
Re: Logging freeradius actions
« Reply #6 on: October 13, 2017, 08:33:53 am »
Quote from: mimugmail on October 12, 2017, 10:09:54 pm
Is it also possible to set it in site-enabled? I don't like to touch radiusd.conf ...
Where can I do this? Is there another config file for that?

Quote from: mimugmail on October 12, 2017, 10:09:54 pm
If yes, I'll add a button for ... just for you  8) :-*
Well, that's what I expected. Finally it is a <bad_joke> PERSONAL firewall </bad_joke>  ::)

No seriously, thanks a lot for your support!!!
Logged

mimugmail

  • Hero Member
  • *****
  • Posts: 6336
  • Karma: 435
    • View Profile
Re: Logging freeradius actions
« Reply #7 on: November 13, 2017, 07:46:06 am »
This week this will be finished :)
Logged
Twitter: mimu_muc
WWW: www.routerperformance.net
Support plans: https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German): https://opnsense.max-it.de/

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 17.7 Legacy Series »
  • Logging freeradius actions
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2