Configuring Your FreeRADIUS Device to Communicate with JSA

Configure FreeRADIUS to send logs to the syslog daemon of the host and configure the daemon to send events to JSA.

You must have a working knowledge of syslog configuration and the Linux distribution.

FreeRADIUS has multiple distributions. Some files might not be in the same locations that are described in this procedure. For example, the location of the FreeRADIUS startup script is based on distribution. Conceptually, the configuration steps are the same for all distributions.

Log in to the system that hosts FreeRADIUS.
Edit the /etc/freeradius/radius.conf file.

Change the text in the file to match the following lines:

Edit the /etc/syslog.conf file.
To configure log options, add the following text.
# .=notice logs authentication messages (L_AUTH).—# <facility_name>.=notice @<IP_address_of_JSA_Event_Collector_or_JSA_Console>
# .=err logs module errors for FreeRADIUS.—#<facility_name>.=err @<IP_address_of_JSA_Event_Collector_or_JSA_Console>
# .* logs messages to the same target.—# <facility_name>.* @<IP_address_of_JSA_Event_Collector_or_JSA_Console>
An example syslog facility name is local1. You can rename it.
To configure a log option, remove the comment tag (#) from one of the active lines that contains an @ symbol.

If the configuration change does not load automatically, restart the syslog daemon. The method to restart the syslog daemon depends on the distribution that is used. The following table lists possible methods.

Operating system distribution	Command to restart daemon
Red Hat Enterprise Linux	service syslog restart
Debian Linux or Ubuntu Linux	`/etc/init.d/syslog` restart
FreeBSD operating system	`/etc/rc.d/syslogd` restart

Add the following options to the FreeRADIUS startup script:
- -l syslog
- -g <facility_name>
The -g value must match the facility name in Step 5.
Restart FreeRADIUS.