RADIUS Setup for OS X El Capitan – Server 5.x

Posted: February 15th, 2016 | Author: | Filed under: Open Directory, RADIUS, SSL | 2 Comments »

Quite simple to setup. First paste in the following commands.

radiusconfig -setconfig auth yes
radiusconfig -setconfig auth_badpass yes

Now install an SSL cert/key pair for your host, the built in ones are found in /etc/certificates or you followed my previous article about becoming a certificate authority and you have the certs on hand.

radiusconfig -installcerts /path/to/key /path/to/cert

Finally add some clients

radiusconfig -addclient other

Then start the radius server

serveradmin start radius

When I did this recently I didn’t have a way to test the server so I installed the FreeRadius server via brew.

brew install freeradius-server

And then tested the server by using radtest The binary can be found in the following directory /usr/local/Cellar/freeradius-server/3.0.9/bin

The syntax of the command is as follows:

radtest username password radius-server[:port] nas-port-number secret

Here’s an example:

radtest username password 10 secret

An Access-Accept is a passing grade!

2 Comments on “RADIUS Setup for OS X El Capitan – Server 5.x”

  1. 1 Lacy said at 10:18 pm on June 24th, 2016:

    Hi, I was looking for a way to enable radius for
    os x server 5.1.5 and found this article.
    I typed the cmd as direction,but the radius can’t work normally in my os x server 5.1.5. And I saw the logs:
    (org.freeradius.radiusd):service exited with abnormal code:1
    (org.freeradius.radiusd):service only ran for 0 seconds

    Do you know a way to resolve it?
    Waiting for your reply.

  2. 2 Barbara Wyatt said at 4:39 pm on July 25th, 2016:

    Help! I am so glad I found your page! My setup is a Mac OS server on 5.1.7 and I have Meraki network equipment. I’m trying to setup a Radius service for my wireless network. Based on your blog/tweet it should be simple. However, I can’t get past the first command. I’m told I ‘Must be root to run radiusconfig.’ This is what my terminal screen says:
    mmserver:~ mmserver$ radiusconfig -setconfig auth yes
    Must be root to run radiusconfig
    mmserver:~ mmserver$

    Please help. Thanks.

Leave a Reply