FreeRadius

This is simple installation of "freeradius" using with Cisco VPN router and Linux system account authenication.

Env :
Cisco VPN router as NAS
Linux server installed with "freeradius" as RADIUS


Step 1

[root@~]# yum install freeradius net-snmp

Install the program via yum , or download the tar source from :
http://www.freeradius.org/

[root@~]# tar -zxvf freeradius-1.0.2.tar.gz
[root@~]# ./configure
[root@~]# make
[root@~]# make install



Step 2

[root@~]# vi /etc/raddb/radiusd.conf

#user = radiusd
#group = radiusd

log_auth = yes
log_auth_badpass = no
log_auth_goodpass = no

Modify the main config.


Step 3

[root@~]# vi /etc/raddb/clients.conf

#Grouping the NAS by IP subnet
client 192.168.0.0/24 {
   secret      = key     
   shortname   = lan     
   nastype     = cisco   
}


#Listing the NAS by hostname or IP address
client 192.168.0.1 {
   secret      = key
   shortname   = server     
   nastype     = other  
}


Step 4

Now we can use linux system account in Linux RADIUS as default, test it:

[root@~]# radiusd -X

Start Debug mode

[root@~]# radtest id pw localhost 0 key

Open other console and test the radius by test command
Usage: radtest user passwd radius-server[:port] nas-port-number secret [ppphint] [nasname]

If it is OK succes, it will show like as:
Sending Access-Request of id 101 to 127.0.0.1 port 1812
        User-Name = "test"
        User-Password = "test"
        NAS-IP-Address = 255.255.255.255
        NAS-Port = 0
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=101, length=20


Step 5

If OK for testing, start the service and set chkconfig to auto-start :

[root@~]# chkconfig radiusd on
[root@~]# /etc/init.d/radiusd start



Server is hosted by Alanstudio
Linux Operating System

Recommend screen resolution 1024 x 768 / IE / FireFox
Alan Studio © 2007 by Alan Cheung Hin Lun. All rights reserved.