<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Tahoma
}
--></style></head>
<body class='hmmessage'><div dir='ltr'>
Hi,<div><br></div><div>you can use the following to include all the IPs inside the clients file:</div><div><br></div><div><span class="Apple-style-span" style="color: rgb(17, 0, 0); font-family: verdana, arial, sans-serif; font-size: 12px; line-height: 18px; "><pre class="text" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; outline-width: 0px; outline-style: initial; outline-color: initial; font-size: 12px; vertical-align: baseline; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; overflow-x: visible; overflow-y: visible; width: auto; clear: none; line-height: 1.333; white-space: pre; font-family: monospace; background-position: initial initial; background-repeat: initial initial; ">client 0.0.0.0/0 {
       secret          = mysecret
       shortname       = myNAS
}</pre><pre class="text" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; outline-width: 0px; outline-style: initial; outline-color: initial; font-size: 12px; vertical-align: baseline; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; overflow-x: visible; overflow-y: visible; width: auto; clear: none; line-height: 1.333; white-space: pre; font-family: monospace; background-position: initial initial; background-repeat: initial initial; "><br></pre><pre class="text" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; outline-width: 0px; outline-style: initial; outline-color: initial; font-size: 12px; vertical-align: baseline; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; overflow-x: visible; overflow-y: visible; width: auto; clear: none; line-height: 1.333; white-space: pre; font-family: monospace; background-position: initial initial; background-repeat: initial initial; "><br></pre><pre class="text" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; outline-width: 0px; outline-style: initial; outline-color: initial; font-size: 12px; vertical-align: baseline; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; overflow-x: visible; overflow-y: visible; width: auto; clear: none; line-height: 1.333; white-space: pre; font-family: monospace; background-position: initial initial; background-repeat: initial initial; ">From the router's side you need to write a command to add your radius shared key and ip. For example if it's allied telesis</pre><pre class="text" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; outline-width: 0px; outline-style: initial; outline-color: initial; font-size: 12px; vertical-align: baseline; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; overflow-x: visible; overflow-y: visible; width: auto; clear: none; line-height: 1.333; white-space: pre; font-family: monospace; background-position: initial initial; background-repeat: initial initial; "><br></pre><pre class="text" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; outline-width: 0px; outline-style: initial; outline-color: initial; font-size: 12px; vertical-align: baseline; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; overflow-x: visible; overflow-y: visible; width: auto; clear: none; line-height: 1.333; white-space: pre; font-family: monospace; background-position: initial initial; background-repeat: initial initial; ">radius-server key <key>
radius-server host <ip></pre><pre class="text" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; outline-width: 0px; outline-style: initial; outline-color: initial; font-size: 12px; vertical-align: baseline; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; overflow-x: visible; overflow-y: visible; width: auto; clear: none; line-height: 1.333; white-space: pre; font-family: monospace; background-position: initial initial; background-repeat: initial initial; "><br></pre><pre class="text" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; outline-width: 0px; outline-style: initial; outline-color: initial; font-size: 12px; vertical-align: baseline; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; overflow-x: visible; overflow-y: visible; width: auto; clear: none; line-height: 1.333; white-space: pre; font-family: monospace; background-position: initial initial; background-repeat: initial initial; ">for cisco is something similar.</pre><pre class="text" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; outline-width: 0px; outline-style: initial; outline-color: initial; font-size: 12px; vertical-align: baseline; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; overflow-x: visible; overflow-y: visible; width: auto; clear: none; line-height: 1.333; white-space: pre; font-family: monospace; background-position: initial initial; background-repeat: initial initial; "><br></pre></span><font class="Apple-style-span" color="#51555c" face="verdana, arial, sans-serif"><span class="Apple-style-span" style="font-size: 12px; line-height: 18px;"><br></span></font><span class="Apple-style-span" style="color: rgb(17, 0, 0); font-family: verdana, arial, sans-serif; font-size: 12px; line-height: 18px; "><pre class="text" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; outline-width: 0px; outline-style: initial; outline-color: initial; font-size: 12px; vertical-align: baseline; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; overflow-x: visible; overflow-y: visible; width: auto; clear: none; line-height: 1.333; white-space: pre; font-family: monospace; background-position: initial initial; background-repeat: initial initial; ">If you are using Mysql then you need to add it to the nas table but before that you need to edit the sql.conf file and uncomment the radclients = yes</pre><pre class="text" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; outline-width: 0px; outline-style: initial; outline-color: initial; font-size: 12px; vertical-align: baseline; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; overflow-x: visible; overflow-y: visible; width: auto; clear: none; line-height: 1.333; white-space: pre; font-family: monospace; background-position: initial initial; background-repeat: initial initial; "><br></pre><pre class="text" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; outline-width: 0px; outline-style: initial; outline-color: initial; font-size: 12px; vertical-align: baseline; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; overflow-x: visible; overflow-y: visible; width: auto; clear: none; line-height: 1.333; white-space: pre; font-family: monospace; background-position: initial initial; background-repeat: initial initial; "><br></pre><pre class="text" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; outline-width: 0px; outline-style: initial; outline-color: initial; font-size: 12px; vertical-align: baseline; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; overflow-x: visible; overflow-y: visible; width: auto; clear: none; line-height: 1.333; white-space: pre; font-family: monospace; background-position: initial initial; background-repeat: initial initial; ">for example my Mysql nas table is like that:</pre><pre class="text" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; outline-width: 0px; outline-style: initial; outline-color: initial; font-size: 12px; vertical-align: baseline; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; overflow-x: visible; overflow-y: visible; width: auto; clear: none; line-height: 1.333; white-space: pre; font-family: monospace; background-position: initial initial; background-repeat: initial initial; "><br></pre><pre class="text" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; outline-width: 0px; outline-style: initial; outline-color: initial; font-size: 12px; vertical-align: baseline; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; overflow-x: visible; overflow-y: visible; width: auto; clear: none; line-height: 1.333; white-space: pre; font-family: monospace; background-position: initial initial; background-repeat: initial initial; ">+----+----------+--------------+-------+-------+--------+-----------+---------------+--------+
| id | nasname  | shortname    | type  | ports | secret | community | description   | server |
+----+----------+--------------+-------+-------+--------+-----------+---------------+--------+
|  1 |    <IP>  | Core         | other |  NULL |  <key> | NULL      | Radius Client | NULL   |
|  2 |    <IP>  | ZoneDirector | other |  NULL | <key>  | NULL      | Radius Client | NULL   |
+----+----------+--------------+-------+-------+--------+-----------+---------------+--------+
</pre><div><br></div><div><br></div><div>because i am using the core and the zone director as a NAS.</div></span><span class="Apple-style-span" style="color: rgb(17, 0, 0); font-family: verdana, arial, sans-serif; font-size: 12px; line-height: 18px; "><pre class="text" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; outline-width: 0px; outline-style: initial; outline-color: initial; font-size: 12px; vertical-align: baseline; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; overflow-x: visible; overflow-y: visible; width: auto; clear: none; line-height: 1.333; white-space: pre; font-family: monospace; background-position: initial initial; background-repeat: initial initial; "> </pre></span><span class="Apple-style-span" style="color: rgb(17, 0, 0); font-family: verdana, arial, sans-serif; font-size: 12px; line-height: 18px; "><pre class="text" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; outline-width: 0px; outline-style: initial; outline-color: initial; font-size: 12px; vertical-align: baseline; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; overflow-x: visible; overflow-y: visible; width: auto; clear: none; line-height: 1.333; white-space: pre; font-family: monospace; background-position: initial initial; background-repeat: initial initial; "><br></pre></span><span class="Apple-style-span" style="color: rgb(17, 0, 0); font-family: verdana, arial, sans-serif; font-size: 12px; line-height: 18px; "><pre class="text" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; outline-width: 0px; outline-style: initial; outline-color: initial; font-size: 12px; vertical-align: baseline; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; overflow-x: visible; overflow-y: visible; width: auto; clear: none; line-height: 1.333; white-space: pre; font-family: monospace; background-position: initial initial; background-repeat: initial initial; ">Good luck</pre><pre class="text" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; outline-width: 0px; outline-style: initial; outline-color: initial; font-size: 12px; vertical-align: baseline; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; overflow-x: visible; overflow-y: visible; width: auto; clear: none; line-height: 1.333; white-space: pre; font-family: monospace; background-position: initial initial; background-repeat: initial initial; ">Andrew</pre></span><span class="Apple-style-span" style="color: rgb(17, 0, 0); font-family: verdana, arial, sans-serif; font-size: 12px; line-height: 18px; "><pre class="text" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; outline-width: 0px; outline-style: initial; outline-color: initial; font-size: 12px; vertical-align: baseline; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; overflow-x: visible; overflow-y: visible; width: auto; clear: none; line-height: 1.333; white-space: pre; font-family: monospace; background-position: initial initial; background-repeat: initial initial; "><br></pre></span><br><div><div id="SkyDrivePlaceholder"></div>> From: sigbj-st@operamail.com<br>> To: freeradius-users@lists.freeradius.org<br>> Subject: a router as NAS<br>> Date: Sun, 15 Jul 2012 18:49:18 +0200<br>> <br>> (I think I messed up the previous posting by returning on a previous by<br>> Winter answered post. This message is found in the end of that post. I<br>> am sorry. Hope this one comes in with the new subject.)<br>> Can I connect to radius via a router that has a guestzone? It simply<br>> means that the router has an extra guestzone interface that also<br>> contains choice for PSK or EAP<br>> <br>> From the following information I wonder why the radiusd is not<br>> responding.Remember I am trying to log in with the radius from the PC<br>> where the radius is installed. Radius is on 192.168.0.198 and I am<br>> attempting login or request from 192.168.0.198. This may also be a<br>> mistake. Maybe there will be a conflict betw 192.168.0.1 = router and<br>> 192.168.0.198 localhost. I simply dont know.<br>> <br>> The router is a DLINK 655<br>> The OS is SuSE Linux Enterprise Desktop 10, ServPack 3<br>> The radius is the freeradiu-sserver-2.1.12<br>> <br>> Here are the fields from this zone in the router:<br>> **ROUTER PART**<br>> "Use this section to configure the guest zone settings of your router.<br>> The guest zone provide a separate network zone for guest to access<br>> Internet":<br>> <br>> --GUEST ZONE SELECTION--<br>> Enable Guest Zone : (Yes)         <br>> Wireless Band : 2.4GHz Band<br>> Wireless Network Name : EAP_sled           (Also called the SSID)<br>> Enable Routing Between Zones :  (No) <br>> Security Mode : WPA-Enterprise<br>> <br>> --WPA--<br>> WPA Mode : Auto (WPA or WPA2)    <br>> Cipher Type : TKIP and AES       <br>> Group Key Update Interval : 3600 (seconds)   <br>> <br>> --EAP (802.1x)--<br>> <br>> "When WPA enterprise is enabled, the router uses EAP (802.1x) to<br>> authenticate clients via a remote RADIUS server."<br>> <br>> Authentication Timeout : 60       (minutes)<br>> RADIUS server IP Address : 192.168.0.198         <br>> RADIUS server Port : 1812        <br>> RADIUS server Shared Secret : testing123 <br>> MAC Address Authentication : No<br>> **CLIENT.CONF**<br>> Then I change the client.conf from localhost 127.0.0.1 to the IP of the<br>> router 192.168.0.1<br>> #client localhost {<br>>         #  Allowed values are:<br>>         #       dotted quad (1.2.3.4)<br>>         #       hostname    (radius.example.com)<br>> #       ipaddr = 127.0.0.1<br>> # Test with router:<br>> client router {<br>>         #  Allowed values are:<br>>         #       dotted quad (1.2.3.4)<br>>         #       hostname    (radius.example.com)<br>>         ipaddr = 192.168.0.1<br>> #<br>> and I keep rest of it as it was.<br>> <br>> **/ETC/HOSTS/**<br>> I put in a line in /etc/hosts/ (I am not sure if it is right or<br>> necessary:<br>> # IP-Address  Full-Qualified-Hostname  Short-Hostname<br>> 192.168.0.1       router                    dlink<br>> <br>> **YAST CONFIG FOR THE USERCLIENT**<br>> I change the setup in system (YaST)from PKS key to EAP:<br>> --MODUS--<br>> Accesspoint: (Yes)<br>> Ad hoc: no<br>> Master: no<br>> --NETWORKNAME SSID--<br>> EAP_sled<br>> --AUTHENTICATION MODUS--<br>> Open: no<br>> Shared key: no  <br>> WPA-EAP  (Yes)<br>> WPA-PSK: no<br>> EAP Modus: TTLS<br>> Identity: sigbj (as in /usr/local/etc/raddb/users)<br>> Password: testing-0 (as in /usr/local/etc/raddb/users)<br>> Anonymous identity: (left open)<br>> Client-Sert: (closed)<br>> Client-Key: (closed)<br>> Client-Key_password: whatever<br>> Server-Sert: /usr/local/etc/raddb/certs/server.csr<br>> <br>> I have made no changes in eap.conf and radius.conf<br>> <br>> I try to start the radiusd -X with these changes (the previous test on<br>> localhost is successful: "Ready to process requests." And radtest test<br>> gives the right feedback:Sending Access-Accept of id 178 to 127.0.0.1<br>> port 1932,so this test part works)<br>> <br>> Some of the messages from the radiusd -X with the changed client.conf:<br>> ........<br>> radiusd: #### Loading Clients ####<br>>  client router {<br>>         ipaddr = 192.168.0.1<br>>         require_message_authenticator = no<br>>         secret = "testing123"<br>>         nastype = "other"<br>> .............<br>> ... adding new socket proxy address * port 1047<br>> Listening on authentication address * port 1812<br>> Listening on accounting address * port 1813<br>> Listening on command file /usr/local/var/run/radiusd/radiusd.sock<br>> Listening on authentication address 127.0.0.1 port 18120 as server<br>> inner-tunnel<br>> Listening on proxy address * port 1814<br>> Ready to process requests.<br>> <br>> radtest gives this:<br>> Sending Access-Request of id 207 to 127.0.0.1 port 1812<br>>         User-Name = "sigbj"<br>>         User-Password = "testing-0"<br>>         NAS-IP-Address = 192.168.0.198<br>>         NAS-Port = 0<br>>         Message-Authenticator = 0x00000000000000000000000000000000<br>> radclient: no response from server for ID 207 socket 3<br>> <br>> and radiusd consequently:<br>> Ignoring request to authentication address * port 1812 from unknown<br>> client 127.0.0.1 port 1048<br>> <br>> Trying to login with the Knetworkmanager (KDE) on to the network gives<br>> no reaction on the server, server is just waiting, the knetworkmanager<br>> may blink or just dryrun. I have a feeling that the server is listening<br>> on the 127.0.0.1 instead on 192.168.0.1, but do not know<br>> <br>> I am of course doing a typical newbie mistake somewhere, but I do not<br>> know what.<br>> <br>> IF YOU NEED THE WHOLE RADIUSD -X LOG AT THIS POINT, PLEASE TELL ME. I<br>> have given this explanations to begin with. The problems may also be<br>> that a router of this kind cannot be used on freeradius or that the<br>> router is 100% "Windows-messed-up".<br>> <br>> -- <br>>   Si St<br>>   sigbj-st@operamail.com<br>> <br>> -- <br>> http://www.fastmail.fm - The professional email service<br>> <br>> -<br>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html<br></div></div>                                     </div></body>
</html>