FreeRadius and Dlink Switch Authentication Problem

Kai Geek kaigeek at linuxmail.org
Thu Dec 29 14:39:57 CET 2005


Merhabalar Inci hanim,
oncelikle yardimlariniz icin cok tesekkur ederim. Ancak tacacs kullanamiyoruz cunku switchlerin cogu Dlink ve 3226 modeli yani tacacs yok. radius server destekliyorlar. bu nedenle radius kullanmam gerek.

#radiusd -X
diyerek debug moda aliyorum ve benim ip adresim 10.0.0.185 radius server ise 10.0.0.6'da calisiyor. switch ise (dlink marka) 10.0.0.250 ip adresine sahip. ben 

#telnet 10.0.0.250

komutunu verdigim zaman switchin kendi icindeki kullanici ile (admin) girebiliyorum. ama hicbir log dusmuyor. ne onerirsiniz?

----- Original Message -----
From: "Inci Gedik " <igedik at ford.com.tr>
To: "'FreeRadius users mailing list'" <freeradius-users at lists.freeradius.org>
Subject: RE: FreeRadius and Dlink Switch Authentication Problem
Date: Thu, 29 Dec 2005 15:20:43 +0200

> 
> Selam,
> 
> Radius un debug ettin mi ? Sen switch e baglanmaya calisirken ekrana neler
> geliyor bir bakar misin ? Birde calisan bir sistemden ornek veriim :
> 
> client.conf dosyani asagidaki gibi editler misin ?
> 
> client 10.0.0.250 {
>          secret      = 250
>          shortname   = switch
> 	  nastype	  = cisco
> }
> 
> Users dosyasindaki kulanici tanimlamasini asagidaki gibi yapip, linux
> sisteminde steve diye bir kullanici acip bir de sifre verirsen baglantiyi
> saglayabilirsin.
> 
> steve           Auth-Type := System
>                  Service-Type = Shell-User,
>                  Login-Service = Telnet,
>                  Login-IP-Host = 0.0.0.0,
>                  Login-TCP-Port = Telnet
> 
> Linux altinda port numaralarinda acik degil mi ? Bu sekilde bir kontrol
> edersen bir de conf dosyani inceleyebiliriz. O zaman conf dosyanda bir hata
> var demektir.
> 
> Bi de israrla tacacs+ diyorum : )
> 
> 
> 
> Kolay gelsin ,
> 
> Inci Gedik
> 
> -----Original Message-----
> From: freeradius-users-bounces+igedik=ford.com.tr at lists.freeradius.org
> [mailto:freeradius-users-bounces+igedik=ford.com.tr at lists.freeradius.org] On
> Behalf Of Kai Geek
> Sent: 29 Aralık 2005 Perşembe 14:24
> To: freeradius-users at lists.freeradius.org
> Subject: FreeRadius and Dlink Switch Authentication Problem
> 
> Hello,
> i am using freeradius in my computer with the ip 10.0.0.6
> i have a dlink 3226s model switch in my network and its ip is 10.0.0.250
> 
> i want this switch to verify username and password from radius server
> (10.0.0.6)
> 
> i have added 10.0.0.250 as a client to the radius servers clients.conf and
> users files and i introduced a user. but still it doesnt connect. where may
> be the error?
> when i test locally, it seems as working but teh switch doesnt connect to
> radius?
> thank you,
> 
> using command radius server (10.0.0.6)
> 
> kernel at debian#pico clients.conf
> 
> client 10.0.0.250 {
>          secret          = 250
>          shortname       = 1
> }
> 
> kernel at debian#pico users
> 
> steve   Auth-Type := Local, User-Password == "testing"
>          Service-Type = Framed-User,
>          Framed-Protocol = PPP,
>          Framed-IP-Address = 127.0.0.1,
>          Framed-IP-Netmask = 255.255.255.0,
>          Framed-Routing = Broadcast-Listen,
>          Framed-Filter-Id = "std.ppp",
>          Framed-MTU = 1500,
>          Framed-Compression = Van-Jacobsen-TCP-IP
> 
> #radtest steve testing 10.0.0.6 1812 testing
> okay
> what problem ?
> when i test locally, it seems as working but teh switch doesnt connect to
> radius?
> 
> +-+-+-+ BEGIN PGP SIGNATURE +-+-+-+
> Version: GnuPG v1.4.2 (GNU/Linux)
>     .-.      .-.    _
>     : :      : :   :_;
>   .-' : .--. : `-. .-. .--.  ,-.,-.
> ' .; :' '_.'' .; :: :' .; ; : ,. :
> `.__.'`.__.'`.__.':_;`.__,_;:_;:_;
> 
> Kai "Ozgur" Geek
> Network Engineer
> PGP ID: B1B63B6E
> +-+-+-+ END PGP SIGNATURE +-+-+-+
> 
> 
> --
> _______________________________________________
> Check out the latest SMS services @ http://www.linuxmail.org
> This allows you to send and receive SMS through your mailbox.
> 
> Powered by Outblaze
> 
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
> 
> 
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



+-+-+-+ BEGIN PGP SIGNATURE +-+-+-+
Version: GnuPG v1.4.2 (GNU/Linux)
   .-.      .-.    _              
   : :      : :   :_;             
 .-' : .--. : `-. .-. .--.  ,-.,-.
' .; :' '_.'' .; :: :' .; ; : ,. :
`.__.'`.__.'`.__.':_;`.__,_;:_;:_;

Kai "Ozgur" Geek
Network Engineer
PGP ID: B1B63B6E
+-+-+-+ END PGP SIGNATURE +-+-+-+


-- 
_______________________________________________
Check out the latest SMS services @ http://www.linuxmail.org
This allows you to send and receive SMS through your mailbox.

Powered by Outblaze




More information about the Freeradius-Users mailing list