Dear Community,

thank you for joining the Community!

I am struggeling on connecting my FreeIPA with an Cisco ISE Radius Server.

I want to use MsChapV2 for Authentication.

But I can't find a real manual on how to connect a radius server with freeIPA.

Just the FreeRadius manuals which I can't apply on my setup.

Do you have a manual on setting up freeipa to use the radius.

I already did a ipa-adtrust-install and added the Radius-Server (ISE) with FQDN with the command: ipa service-add 'radius/FQDN' and ipa service-add-host --hosts=FQDN radius/FQDN

and ipa role-add-member --hosts=FQDN

But i think this is not all i have to do in order to work with the radius server.

My Question is also: Do I have to create a keytab from my Radius-Server (ISE) and put it no ipa.

Something like in this guide shown?

http://ilcofon.net/index.php/2018/01/05/wifi-authenticate-with-radius-and-freeipa/

ipa-getkeytab -p- 'radius/FQDN-RADIUS' -s FQDN-IPA -k /root/radius.keytab

(By the way: Sorry for my bad english, I hope you can read it.)

Thanks in advance!

Best Regards

Nikoalos Hatzepanagiotides