Freeradius server 3.0.19 released

The FreeRADIUS Server Project is a high performance and highly configurable multi-protocol policy server, supporting RADIUS, DHCPv4, and VMPS. It is available under the terms of the GNU GPLv2. Using RADIUS allows authentication and authorization for a network to be centralized, and minimizes the number of changes that have to be done when adding or deleting new users to a network.

FreeRADIUS can authenticate users on systems such as 802.1x (WiFi), dial-up, PPPoE, VPN’s, VoIP, and many others. It supports back-end databases such as MySQL, PostgreSQL, Oracle, Microsoft Active Directory, Apache Cassandra, Redis, OpenLDAP, and many more. It is used daily to authenticate the Internet access for hundreds of millions of people, in sites ranging from 10 to 10 million+ users.




Changelog v3.0.19

  • Update
  • Update sqlippool to allow for stored procedures with PostgreSQL. This increases performance substantially Patch from Nathan Ward. Fixes #2540.
  • Re-added “show client config” command to radmin.
  • Cleaned up mods-available/sql example so that it is easier to understand.
  • Added pfSense dictionary. Closes #2581.
  • Update dictionary.h3c Closes #2592.
  • Update elasticsearch/logstash config for v6.7.0.
  • EAP-PWD security fixes from Mathy Vanhoef. See
  • Update dynamic_client module and server core so that the functionality works. This has been broken since at least v2.
  • Fix crash in sqlippool due to escaping changes Patch from Nathan Ward. Fixes #2532, #2533.
  • Fix systemd notify, watchdog and unit files Fixes #2541, #2499.
  • Fix erroneous length check in EAP-FAST.
  • Update documentation to remove old “ignore_null” configuration. Fixes #2578.
  • Fix default POD port. Should be 3799. Fixes #2591.
  • Correctly encode vendor-specific “encrypted” attributes Fixes #2600.


git clone
make install

Configuring the server

  1. Start off with the default configuration files.
  2. Save a copy of the default configuration: It WORKS. Don’t change it!
  3. Verify that the server starts – in debugging mode (radiusd -X).
  4. Send it test packets using “radclient”, or a NAS or AP.
  5. Verify that the server does what you expect
    • If it does not work, change the configuration, and go to step (3)
    • If you’re stuck, revert to using the “last working” configuration.
    • If it works, proceed to step (6).
  6. Save a copy of the working configuration, along with a note of what you changed, and why.
  7. Make a SMALL change to the configuration.
  8. Repeat from step (3).


Copyright (C) 1999-2018 The FreeRADIUS Server Project