G Suite and FreeRADIUS for WiFi Authentication

By Vince Lujan Posted December 5, 2019

Many IT organizations are interested in leveraging G Suite passwords for WiFi authentication. The common thought is to connect the WiFi network to a FreeRADIUS server, which would then authenticate user credentials against the G Suite directory. 

Unfortunately, G Suite (formerly Google Apps™) doesn’t offer the capability to integrate with FreeRADIUS servers. The good news is that JumpCloud Directory-as-a-Service® can import G Suite identities and provide WiFi authentication via FreeRADIUS using G Suite credentials.

Envision Increased Security For WiFi Authentication

The vision here is simple: 

  1. Leverage G Suite credentials as the central identity for a user. 
  2. Have the user utilize their G Suite credentials to access their laptop or desktop, AWS® cloud servers, on-prem and cloud applications, and the WiFi network. 

Specifically, in the case of authenticating network access via WiFi, the IT organization connects the WAPs to a FreeRADIUS server which would authenticate to the directory service. 

It’s a vision that significantly enhances the security of the WiFi network. IT admins realize that a shared SSID and passphrase is not enough to secure the wireless network and that integrating RADIUS enforces unique network access. This integration makes it so each user has their own unique set of credentials for network access. 

Vision Becomes Reality With JumpCloud®

The path to achieving this vision is to leverage Directory-as-a-Service®. The cloud-hosted directory service accomplishes a number of the pieces. Directory-as-a-Service has two major components in this respect: RADIUS-as-a-Service and the core, authoritative directory service. 

The first step is to integrate the cloud directory with G Suite. This enables the cloud identity provider to become the authoritative source of truth to manage G Suite user identities. You can provision, deprovision, and modify users within G Suite from Directory-as-a-Service. 

With the user’s G Suite credentials within the cloud directory, it is then possible to move to connect the wireless access points to the cloud RADIUS endpoints within the IDaaS platform. The virtual FreeRADIUS server automatically connects with the onboard directory service. 

The user then simply enters their (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Vince Lujan. Read the original post at: https://jumpcloud.com/blog/g-suite-freeradius-wifi-authentication/

Vince Lujan

Vince is a documentation and blog writer at JumpCloud, the world’s first cloud-based directory service. Vince recently graduated with a degree in professional and technical writing from the University of New Mexico, and enjoys researching new innovations in cloud architecture and infrastructure.

vince-lujan has 168 posts and counting.See all posts by vince-lujan