Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
client 192.168.0.1 {
secret
= radiuspassword
shortname
= 192.168.0.1
nastype
= cisco
Now is the time to add the parameters about users Radius, to make that edit the file users:
user1
Cleartext-password == "supersecret"
Service-Type = NAS-Prompt-User,
Cisco-AVPair = "shell:priv-lvl=15"
User-Name = "user1"
User-Password = "supersecret"
NAS-IP-Address = 127.0.1.1
NAS-Port = 1812
rad_recv: Access-Reject packet from host 192.168.0.1 port 1812, id=61, length=20
R1(conf)# aaa new-model R1(conf)# aaa group server radius RadiusGrp R1(config-sg-radius)# server-private 192.168.0.254 auth-port 1812 acct-port 1813 key radiuspassword R1(config-sg-radius)# exit R1(config)# aaa authentication login default group RadiusGrp R1(config)# aaa authorization exec default group RadiusGrp R1(config)# aaa accounting exec default start-stop group RadiusGrp R1(config)# aaa accounting system default start-stop group RadiusGrp
R1(conf)# line vty 0 5 R1(conf-line)# transport input telnet ssh R1(conf-line)# login authentication default R1(conf-line)# exit
user2
Cleartext-Password := "testing"
Service-Type = NAS-Prompt-User,
Cisco-AVPair = "shell:priv-lvl=3"
restart Freeradius
from user1
HOW TO INSTALL AND CONFIGURE FREERADIUS IN UBUNTU 12.04LTS SERVER EDITION PART 2
Standard
After weve installed and made a base configuration, now we will see how to use MySQL as way of authentication with Radius for our users.
1 INSTALLATION PACKAGES
$: mysql -u root -p mysql> create database radius; mysql> create user 'freeradius'@'localhost' identified by 'radius'; mysql> grant all on radius.* to 'freeradius'@'localhost' identified by 'radius'; mysql> flush privileges; mysql> exit;
then always from terminal, goto the path /etc/freeradius/sql/mysql and
$: cd /etc/freeradius/sql/mysql $: mysql -u freeradius -p radius < schema.sql $: mysql -u freeradius -p radius < nas.sql
nas.sql is file that will contain the list of network devices will access to the Radius server. The installation is done well see the configuration of it.
3 CONFIGURATION RADIUS
go to the path /etc/freeradius/site-available
sql
then
we can left the rest of the lines as default. Uncomment readclients = yes
then
as last step
$: mysql -u freeradius -p
and insert the device in nas table
mysql> use radius; mysql> insert into nas (nasname,shortname,secret,description) values ('192.168.0.1','radius','password','server radius');
the insert the user and pwd in radcheck
5 TEST RADIUS
if all steps are done right run the command