MongoDB for FreeRADIUS
C C++
Switch branches/tags
Nothing to show

MongoDB module for FreeRADIUS

This module allow you to use MongoDB as FreeRADIUS backend (instead of a LDAP). Please consider using other module since this one is not maintained anymore.

How it works ?

Each time your radius receives a authorization request, FreeRADIUS will check user credentials stored in MongoDB.

The request looks like :

	"mac": "00-11-22-33-44-55",
	"username": "john"

If a document matches, MongoDB will return :

	.. some data ..
	"password": "secret"
	.. some data ..

FreeRADIUS will now compare given password and MongoDB password (only cleartext password).


  • Copy the directory rlm_mongo/ into src/modules/
  • Add "rlm_mongo" in src/modules/stable
  • Build as usual
    • ./configure
    • make
    • make install
  • Edit your configuration
    • Create a file named mongo in raddb/modules/ and insert your configuration (see below)
    • Add in your site configuration in authorize sub-section "mongo"
  • Run radiusd


mongo {
	port = "27017"
	ip = ""

	base = 	"production.users"
	username_field = "username"
	password_field = "password"

	# Check mac address (optionnal)
	# mac_field = "mac"

	# Check enable account (optionnal)
	# enable_field = "activate"


If you use rlm_mongo in inner-tunnel and mac filter, ensure you have this in eap.conf : copy_request_to_tunnel = yes

If you want to use NTLM password, only replace Cleartext-Password by NT-Password in rlm_mongo.c


Guillaume Rose, Roman Shterenzon