cciefun ccie/sp fortiOS linux tcl/tk avalanche/reflector canada immi, visit

Configure for FreeRadiusd
#more /etc/raddb/users
clilogin Auth-Type :=LOCAL, User-Password == "qa654321"
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 8.8.130.0,
Framed-IP-Netmask = 255.255.255.0,
Framed-Routing = Broadcast-Listen,
Framed-Filter-Id = "std.ppp",
Framed-MTU = 1500,
Framed-Compression = Van-Jacobsen-TCP-IP

sslvpnuser Auth-Type :=LOCAL, User-Password == "qa654321"
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 172.18.9.0,
Framed-IP-Netmask = 255.255.255.0,
Framed-Routing = Broadcast-Listen,
Framed-Filter-Id = "std.ppp",
Framed-MTU = 1500,
Framed-Compression = Van-Jacobsen-TCP-IP

msuser Auth-Type:= MS-CHAP, User-Password=="qa654321", Simultaneous-Use:=1
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 172.18.9.0,
Framed-IP-Netmask = 255.255.255.0,
Framed-Routing = Broadcast-Listen,
Framed-Filter-Id = "std.ppp",
Framed-MTU = 1500,
Framed-Compression = Van-Jacobsen-TCP-IP

chapuser Auth-Type:= CHAP, User-Password=="qa654321", Simultaneous-Use:=1
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 172.18.9.0,
Framed-IP-Netmask = 255.255.255.0,
Framed-Routing = Broadcast-Listen,
Framed-Filter-Id = "std.ppp",
Framed-MTU = 1500,
Framed-Compression = Van-Jacobsen-TCP-IP

#more client.conf
client 172.18.9.0/24 {
secret = test1
shortname = company-network
}
client 172.18.4.0/24 {
secret = test1
shortname = company-network
}
client 8.8.110.0/24 {
secret = test1
shortname = company-network
}
client 8.8.130.0/24 {
secret = test1
shortname = company-network
}
client 172.16.0.0/12 {
secret = test1
shortname = company-network
}

==== For new version from FC6 autoinstall ====
steve Cleartext-Password := "testing"
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 172.18.9.0,
Framed-IP-Netmask = 255.255.255.0,
Framed-Routing = Broadcast-Listen,
Framed-Filter-Id = "std.ppp",
Framed-MTU = 1500,
Framed-Compression = Van-Jacobsen-TCP-IP

[[[
# As of 1.1.4, you SHOULD NOT use Auth-Type. See "man rlm_pap"
# for a much better way of dealing with differing passwords.
]]]

====
(root) # d test authserver radius r169 chap steve testing
authenticate 'steve' against 'chap' succeeded, server=primary assigned_rad_session_id=21168128 session_timeout=0 secs!

(root) # exit

login: steve
Password: *******
Welcome !

3305 #

Tuesday, July 8, 2008

No comments:

Post a Comment