FreeRadius

This is simple installation of "freeradius" using with Cisco VPN router and Linux system account authenication.

Env :
Cisco VPN router as NAS
Linux server installed with "freeradius" as RADIUS



Step 1

[root@~]# yum install freeradius net-snmp

Install the program via yum , or download the tar source from :
http://www.freeradius.org/

[root@~]# tar -zxvf freeradius-1.0.2.tar.gz
[root@~]# ./configure
[root@~]# make
[root@~]# make install




Step 2

[root@~]# vi /etc/raddb/radiusd.conf

#user = radiusd
#group = radiusd

log_auth = yes
log_auth_badpass = no
log_auth_goodpass = no

Modify the main config.



Step 3

[root@~]# vi /etc/raddb/clients.conf #Grouping the NAS by IP subnet client 192.168.0.0/24 { secret = key shortname = lan nastype = cisco } #Listing the NAS by hostname or IP address client 192.168.0.1 { secret = key shortname = server nastype = other }




Step 4

Now we can use linux system account in Linux RADIUS as default, test it:

[root@~]# radiusd -X

Start Debug mode

[root@~]# radtest id pw localhost 0 key

Open other console and test the radius by test command
Usage: radtest user passwd radius-server[:port] nas-port-number secret [ppphint] [nasname]

If it is OK succes, it will show like as:

Sending Access-Request of id 101 to 127.0.0.1 port 1812 User-Name = "test" User-Password = "test" NAS-IP-Address = 255.255.255.255 NAS-Port = 0 rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=101, length=20




Step 5

If OK for testing, start the service and set chkconfig to auto-start :

[root@~]# chkconfig radiusd on
[root@~]# /etc/init.d/radiusd start



Server is hosted by Alanstudio
Linux Operating System

Recommend screen resolution 1024 x 768 / IE / FireFox
Alan Studio © 2007 by Alan Cheung Hin Lun. All rights reserved.