By Ryan Squires Posted September 9, 2019
FreeRADIUS servers offer a tremendous amount of flexibility and power, but along with that flexibility and power could come a steep learning curve. This is exacerbated by the fact that a FreeRADIUS graphical user interface (GUI) is not built in to the standard FreeRADIUS software solution that people find at FreeRADIUS.org.
With a little digging, however, IT admins will come across FreeRADIUS solutions such as daloRADIUS and RADIUSdesk, both of which include a GUI. While these can prove extremely helpful for more experienced users, novice users may find the lack of support for these open-source tools to be challenging.
Understanding Demand for FreeRADIUS and the RADIUS Protocol
RADIUS is a tried and true protocol that has helped shape the modern internet. It was first used to connect users to remote resources over telephone lines and modems. But, while that use case is no longer the norm, RADIUS provides benefits that make it valuable in modern IT environments. Let’s take a more detailed look into what some of those benefits are.
When you use FreeRADIUS to handle your network authentications, every user gets their own set of credentials. As a result, the security of your network is stronger because your users are no longer using the same creds passed around on sticky notes or posted on the whiteboard.
A key aspect of open source software is flexibility. Open-source software has been iterated and built upon over several years—decades even. Additionally, open source means that anybody can download it, utilize at no cost, and build on top of it, thereby contributing to the open-source project. But, as with most open-source software, it has generally not been tuned to provide for an easy user experience.
RADIUS connects user identities to a wide range of network infrastructure gear including wireless access points (WAPs), switches, routers, VPNs, and more. With a FreeRADIUS server, users can connect to just about any piece of networking infrastructure, with one set of credentials, all without IT admins having to create user profiles for every piece of networking gear.
For heterogeneous computing environments, FreeRADIUS works with all major systems including Windows®, macOS®, and Linux® devices provided they have the correct supplicant (a piece of software that transports user information to RADIUS components). Most major OSes have them built-in, but they’re easily installable ad-hoc should that be required.
Choice of Authentication Protocols
The flexibility of RADIUS extends out to authentication protocols, too. A variety of authentication protocols can be used for network authentication. While the details of these authentication protocols is out of the scope of this article, the ability of the RADIUS infrastructure to leverage a vast range means that FreeRADIUS servers fit into many types of IT environments. Plus, the ability to choose from an array of authentication protocols empowers IT admins to secure their networks with the best fit for their network.
Finally, in a typical FreeRADIUS setup, you’d have a directory service that acts as your single source of truth. Here, the RADIUS server searches for and validates that the users attempting to access network resources are actually allowed that access. FreeRADIUS can act as its own user store, but it is most often backended with OpenLDAP™, Microsoft® Active Directory®, cloud directory service, or one of many other directory service solutions.
Unfortunately, all of these benefits require a considerable amount of configuration to be realized. That means becoming proficient at the command line or finding a FreeRADIUS GUI solution that is both capable of realizing these benefits and intuitive enough to learn without eating into both time and budgetary constraints.
Realizing FreeRADIUS GUI Woes
If you’re not well-versed in the FreeRADIUS command line, configuring the server to work with all your endpoints, switches, VPNs, routers, and more is a tough task. And if you do leverage a FreeRADIUS GUI solution, learning how to use the software may be challenging—especially when you take into account time and budgetary constraints.
Additional Challenges to Overcome
Aside from the software side of configuration work, physically setting up your FreeRADIUS server is no walk in the park. Going the DIY route means finding hardware that is compatible with the FreeRADIUS software. Or you can purchase pre-built solutions, but they are often cost prohibitive. Then, after you purchase the solution, you have to connect that hardware with all of the infrastructure in your environment, which can be quite the challenge. Plus, many of today’s IT admins do not want or simply cannot have any hardware on-prem. Ultimately, for many IT admins who want to simplify the set up and configuration of FreeRADIUS servers, they look towards the cloud.
No matter your level of experience with FreeRADIUS servers and the RADIUS protocol, RADIUS-as-a-Service addresses all of the challenges brought forth by setting up your own FreeRADIUS server. A key aspect of the JumpCloud® Directory-as-a-Service® platform, RADIUS-as-a-Service is built with an easy-to-use, web-based GUI that streamlines the configuration / integration activities inherent to setting up FreeRADIUS. Just add your users to the built-in directory using the GUI, PowerShell module, or G-Suite™ / O365 integrations and point your networking infrastructure at JumpCloud’s pre-configured RADIUS servers. From there you decide who accesses what.
Like RADIUS, JumpCloud is designed to work with a myriad of IT equipment so you can use what’s best for you. You choose the systems (Windows®, Mac®, Linux®), authentication protocols, networking infrastructure, and everything else, and Directory-as-a-Service fits seamlessly into your environment. Instead of configuring significant on-prem tooling, you just use what is best for you and leave the server configuration, maintenance, and the rest to us.
Try RADIUS-as-a-Service For Free Today
With JumpCloud, utilizing a FreeRADIUS GUI is easier than ever before. If you want to see for yourself, schedule a demo, and we’d be happy to walk you through everything that goes into setting up RADIUS for your environment. If you want to try it out, sign up for a free account today. Your first 10 users are free forever.