We do have a Google Apps domain and we want to configure a Radius server in order to allow people to login to our corporate WiFi or VPN using their corporate credentials (Google Apps).
To make the issue even more complex, we already have 2FA enabled for our Google Accounts. Still, if that would be a blocker we could ask people to use application-passwords for this purpose in order to avoid the 2FA issue.
So far I tried to use https://github.com/layeh/google-apps-radius and it did pass the radtest
but it failed to work with our UniFi AP. While I contacted the vendor for details I am looking for alternatives in case this Radius server cannot really work. We are also considering hosted solutions.
JumpCloud provides just that (G Suite-to-RADIUS-bridge), but comes at a price. Your other option would be to import your userbase into an LDAP directory, keep it in sync with G Suite using
[Google Cloud Directory Sync][2]
and use this as the credential store for your RADIUS.https://github.com/simllll/node-radius-server is exactly what you are looking for.
It's a radius server that allows you to authenticate against google LDAP, SMTP or IMAP or...whatever you need.