FreeRADIUS is a modular, high performance and feature-rich [[RADIUS|glossary/RADIUS]] suite including [[server|config/radiusd]], [[radius client|Radclient]], development libraries and numerous additional [[RADIUS|glossary/RADIUS]] related utilities.
As the premiere open source RADIUS suite it is included as a [[standard package|building/packages]] with numerous Operating Systems, has binary packages for many others and has source available which is known to [[build|building/build]] on almost anything. Production deployments include large scale installations comprising multiple [[AAA|glossary/AAA]] servers with over ten million users and millions of requests per day. It supports request [[proxying|config/proxy]], with [[fail-over|config/fail-over]] and [[load balancing|config/load balancing]], as well as the ability to access many types of back-end databases. Different classes of [[authentication|glossary/Authentication]] requests can trigger access of different [[authentication|glossary/Authentication]] and [[authorization|glossary/Authorization]] databases (with cascaded fall back), and [[Accounting|glossary/Accounting]] records can be simultaneously recorded in multiple different storage databases and directories.
[[Other RADIUS Servers|glossary/Other RADIUS Servers]] are available.
We also keep a list of [[acknowledgements|project/Acknowledgements]] of contributions to FreeRADIUS development.
- Complete support for RFC 2865 and RFC 2866 attributes.
- [[EAP|protocol/EAP]] with EAP-MD5, EAP-SIM, EAP-TLS, EAP-TTLS, [[EAP-PEAP|protocol/EAP-PEAP]], and Cisco [[LEAP|protocol/LEAP]] EAP sub-types
- [[Vendor Specific Attributes|glossary/Vendor-Specific Attributes]] for almost one hundred vendors, including BinTec, Foundry, [[Cisco|vendor/Cisco]], Juniper, Lucent/Ascend, [[HP ProCurve|vendor/HP]], Microsoft, USR/3Com, Acc/Newbridge and many more.
All known [[RADIUS Clients|glossary/RADIUS Clients]] are supported.
- [[RADIUS Clients|glossary/RADIUS Clients]]
- [[EAP Clients|guide/EAP Clients]]
FreeRADIUS provides a wide range of methods to select user configurations. The server can select a configuration based on any of the following criteria :
- [[attributes|protocol/Attributes]] which have a given value
- [[attributes|protocol/Attributes]] which do not have a given value
- [[attributes|protocol/Attributes]] which are in the request (independent of their value)
- [[attributes|protocol/Attributes]] which are not in the request
- String [[attributes|protocol/attributes]] which match a regular expression
- Integer [[attributes|protocol/attributes]] which match a range (e.g. , =)
- Source IP address of the request. (This can be different from the NAS-IP-Address)
- Shortname defined for a NAS box. (This can be different from the NAS-Identifier)
- Group of NAS boxes. (These may be grouped based on Source IP address, NAS-IP-Address, or any other configuration)
- User-Name
- DEFAULT template configuration
- multiple cascading DEFAULT template configurations
In addition, FreeRADIUS supports [[virtual servers|config/virtual server]] which allow several separate sets of configuration data to coexist inside the same server instance.