<div dir="ltr">Hey Ignacio,<div><br></div><div>I am in a need to get a Nomadix AG3100 gateway to do the same thing as you have done - get it authenticate</div><div>to FreeRADIUS and redirect to portal pages for a simple user/pass login.</div>
<div><br></div><div>I've exchanged a bunch of emails with their support team (which is awful) and read their guides but it's</div><div>terribly cumbersome and seems that some kind of XML interface is required to be implemented.</div>
<div><br></div><div>I was hoping to get some pointers from you on getting this working,</div><div><br></div><div><br></div><div>Thanks,</div><div>Liran.</div><div><br></div><div><br><br><div class="gmail_quote">On Mon, Jul 24, 2006 at 12:14 PM, Ignacio Siles <span dir="ltr"><<a href="mailto:ignacio.siles@libera.net">ignacio.siles@libera.net</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div lang="ES" link="blue" vlink="purple">
<div>
<p><font size="2" face="Arial"><span style="font-size:10.0pt;font-family:Arial"> </span></font></p>
<p><font size="2" color="blue" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial;color:blue">Hello,</span></font><span lang="EN-US"></span></p>
<p><font size="3" face="Times New Roman"><span lang="EN-US" style="font-size:12.0pt"> </span></font></p>
<p><font size="2" color="blue" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial;color:blue">I am trying to implement
a Nomadix AG-5000 public NAS in a in a network with an existing FreeRADIUS
server. </span></font><font size="2" color="blue" face="Arial"><span style="font-size:10.0pt;font-family:Arial;color:blue">The environment is as
follows:</span></font></p>
<p style="margin-left:36.0pt;text-indent:-18.0pt"><font size="3" face="Times New Roman"><span style="font-size:12.0pt"> </span></font></p>
<p style="margin-left:36.0pt;text-indent:-18.0pt"><font size="2" color="blue" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial;color:blue">-</span></font><font size="1" color="blue"><span lang="EN-US" style="font-size:7.0pt;color:blue">
</span></font><font size="2" color="blue" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial;color:blue">The customer wants
nomadix to make public authentication (with captive portal and
PAP) for guest users, and employees who can’t use the protected
wireless network working with WPA-Enterprise authentication.</span></font></p>
<p style="margin-left:36.0pt;text-indent:-18.0pt"><font size="2" color="blue" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial;color:blue">-</span></font><font size="1" color="blue"><span lang="EN-US" style="font-size:7.0pt;color:blue"> </span></font><font size="2" color="blue" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial;color:blue">The employees´ user names and passwords are
stored in a LDAP structure.</span></font></p>
<p style="margin-left:36.0pt;text-indent:-18.0pt"><font size="2" color="blue" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial;color:blue">-</span></font><font size="1" color="blue"><span lang="EN-US" style="font-size:7.0pt;color:blue">
</span></font><font size="2" color="blue" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial;color:blue">There is a freeRADIUS v
1.0.5 server which asks that LDAP structure for authentication.</span></font><span lang="EN-US"></span></p>
<p style="margin-left:36.0pt;text-indent:-18.0pt"><font size="3" face="Times New Roman"><span lang="EN-US" style="font-size:12.0pt"> </span></font><font size="2" color="blue" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial;color:blue"></span></font></p>
<p><font size="2" color="blue" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial;color:blue">So the Nomadix is
configured as RADIUS client, connected to the FreeRADIUS server. I have
tested the connection with test users stored in freeRADIUS´ “users”
file, and everything worked fine. The problem starts with the Access-Accept
RADIUS message. This message includes some tunnel attributes stored in the
LDAP, which are necessary for the other networks to work properly. But the
Nomadix does not understand those attributes and drops the Access-Accept
messages, resulting in a</span></font><span lang="EN-US"></span></p>
<p><font size="2" color="blue" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial;color:blue">failed authentication.</span></font></p>
<p><font size="2" color="blue" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial;color:blue"> </span></font></p>
<p><font size="2" color="blue" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial;color:blue">The solution I’m
thinking about is to remove this tunnel atributes of the Access-Accept
message should they be sent to the Nomadix. I’ve read about
rlm_attr_filter, but I don’t know how to configure it to remove tunnel
attribures should the Nomadix be acting as the NAS.</span></font></p>
<p><font size="2" color="blue" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial;color:blue"> </span></font></p>
<p><font size="2" color="blue" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial;color:blue">File /etc/raddb/attrs:</span></font></p>
<p><font size="2" color="blue" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial;color:blue"> </span></font></p>
<p><font size="2" color="blue" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial;color:blue">DEFAULT</span></font></p>
<p><font size="2" color="blue" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial;color:blue">
Packet-type =* ANY,</span></font></p>
<p><font size="2" color="blue" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial;color:blue">
EAP-Message =* ANY,</span></font></p>
<p><font size="2" color="blue" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial;color:blue">
User-Name =* ANY,</span></font></p>
<p><font size="2" color="blue" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial;color:blue">
Message-Authenticator =* ANY,</span></font></p>
<p><font size="2" color="blue" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial;color:blue">
State =* ANY,</span></font></p>
<p><font size="2" color="blue" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial;color:blue">
</span></font><font size="2" color="blue" face="Arial"><span lang="NL" style="font-size:10.0pt;font-family:Arial;color:blue">Tunnel-Type := VLAN,</span></font></p>
<p><font size="2" color="blue" face="Arial"><span lang="NL" style="font-size:10.0pt;font-family:Arial;color:blue">
Tunnel-Medium-Type := IEEE-802</span></font></p>
<p><font size="2" color="blue" face="Arial"><span lang="NL" style="font-size:10.0pt;font-family:Arial;color:blue">
</span></font><font size="2" color="blue" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial;color:blue">Tunnel-Private-Group-Id
:= “55”</span></font></p>
<p><font size="2" color="blue" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial;color:blue"> </span></font></p>
<p><font size="2" color="blue" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial;color:blue">Thank you in advance,</span></font></p>
<p><font size="2" face="Arial"><span lang="EN-US" style="font-size:10.0pt;font-family:Arial"> </span></font></p></div></div></blockquote></div><br></div></div>