Ok, Im aware this can be done. I think via radius proxy, I’m just a little uncertain how to acheive this. I’m thrilled that I can run the captive portal in bridge mode. I’ve been looking for somthing to do this. Anyway. I want to authenticate my captive portal users via, an existing, functioning freeRADIUS server. I think I do this via the local radius server and proxy it to an external radius server. I really have no idea how to do this with zeroshell. I could noodle my way through it I suppose, but It would be really great if someone has done this, and could send me a quide, or help me through it.
it’s hard to say without crawling inside your setup…..but….. First thing I would check is if your radius server is actually getting requests from zeroshell. if it is, see what form the request is in. make sure the radius attributes are the same. Also check to see if zeroshell is asking for a request from a user in the “email@example.com” format, as apposed to just the user name. There should be some sort of Log, or troubleshooting program with tekradius that will allow to first see if it’s even working, as well, as see any logs of requests made to it.
Radius servers typically have to have the IP of the device making the request registered withing the radius server as a allowed NAS. make sure your ports and radius secrets are good as well.
Like I said, the problem I had was that zeroshell was sending out a “firstname.lastname@example.org” whilst the users in my radius database were listed as just “user”
So I added a “default” as apposed to “remote” or “local” proxy server under the radius section in zeroshell. This sends a request to the radius server as just a user name without the rehlm.