FreeRadius and Dlink Switch Authentication Problem
Inci Gedik
igedik at ford.com.tr
Thu Dec 29 15:52:44 CET 2005
Tekrar Merhaba,
Radius calisiyor ise switch in icindeki kullanici adi ile login olamamaniz
gerekiyor. Demekki bir yerde sorun var. Radius, switch in kendi kullanici
Hesabi ile yapilan loginleri bir yere yazmaz. Telnet islemi sirasinda radius
Bulunamadi seklinde bir yanit aliyor musunuz?
-----Original Message-----
From: freeradius-users-bounces+igedik=ford.com.tr at lists.freeradius.org
[mailto:freeradius-users-bounces+igedik=ford.com.tr at lists.freeradius.org] On
Behalf Of Kai Geek
Sent: 29 Aralık 2005 Perşembe 15:40
To: FreeRadius users mailing list
Subject: RE: FreeRadius and Dlink Switch Authentication Problem
Merhabalar Inci hanim,
oncelikle yardimlariniz icin cok tesekkur ederim. Ancak tacacs
kullanamiyoruz cunku switchlerin cogu Dlink ve 3226 modeli yani tacacs yok.
radius server destekliyorlar. bu nedenle radius kullanmam gerek.
#radiusd -X
diyerek debug moda aliyorum ve benim ip adresim 10.0.0.185 radius server ise
10.0.0.6'da calisiyor. switch ise (dlink marka) 10.0.0.250 ip adresine
sahip. ben
#telnet 10.0.0.250
komutunu verdigim zaman switchin kendi icindeki kullanici ile (admin)
girebiliyorum. ama hicbir log dusmuyor. ne onerirsiniz?
----- Original Message -----
From: "Inci Gedik " <igedik at ford.com.tr>
To: "'FreeRadius users mailing list'"
<freeradius-users at lists.freeradius.org>
Subject: RE: FreeRadius and Dlink Switch Authentication Problem
Date: Thu, 29 Dec 2005 15:20:43 +0200
>
> Selam,
>
> Radius un debug ettin mi ? Sen switch e baglanmaya calisirken ekrana neler
> geliyor bir bakar misin ? Birde calisan bir sistemden ornek veriim :
>
> client.conf dosyani asagidaki gibi editler misin ?
>
> client 10.0.0.250 {
> secret = 250
> shortname = switch
> nastype = cisco
> }
>
> Users dosyasindaki kulanici tanimlamasini asagidaki gibi yapip, linux
> sisteminde steve diye bir kullanici acip bir de sifre verirsen baglantiyi
> saglayabilirsin.
>
> steve Auth-Type := System
> Service-Type = Shell-User,
> Login-Service = Telnet,
> Login-IP-Host = 0.0.0.0,
> Login-TCP-Port = Telnet
>
> Linux altinda port numaralarinda acik degil mi ? Bu sekilde bir kontrol
> edersen bir de conf dosyani inceleyebiliriz. O zaman conf dosyanda bir
hata
> var demektir.
>
> Bi de israrla tacacs+ diyorum : )
>
>
>
> Kolay gelsin ,
>
> Inci Gedik
>
> -----Original Message-----
> From: freeradius-users-bounces+igedik=ford.com.tr at lists.freeradius.org
> [mailto:freeradius-users-bounces+igedik=ford.com.tr at lists.freeradius.org]
On
> Behalf Of Kai Geek
> Sent: 29 Aralık 2005 Perşembe 14:24
> To: freeradius-users at lists.freeradius.org
> Subject: FreeRadius and Dlink Switch Authentication Problem
>
> Hello,
> i am using freeradius in my computer with the ip 10.0.0.6
> i have a dlink 3226s model switch in my network and its ip is 10.0.0.250
>
> i want this switch to verify username and password from radius server
> (10.0.0.6)
>
> i have added 10.0.0.250 as a client to the radius servers clients.conf and
> users files and i introduced a user. but still it doesnt connect. where
may
> be the error?
> when i test locally, it seems as working but teh switch doesnt connect to
> radius?
> thank you,
>
> using command radius server (10.0.0.6)
>
> kernel at debian#pico clients.conf
>
> client 10.0.0.250 {
> secret = 250
> shortname = 1
> }
>
> kernel at debian#pico users
>
> steve Auth-Type := Local, User-Password == "testing"
> Service-Type = Framed-User,
> Framed-Protocol = PPP,
> Framed-IP-Address = 127.0.0.1,
> Framed-IP-Netmask = 255.255.255.0,
> Framed-Routing = Broadcast-Listen,
> Framed-Filter-Id = "std.ppp",
> Framed-MTU = 1500,
> Framed-Compression = Van-Jacobsen-TCP-IP
>
> #radtest steve testing 10.0.0.6 1812 testing
> okay
> what problem ?
> when i test locally, it seems as working but teh switch doesnt connect to
> radius?
>
> +-+-+-+ BEGIN PGP SIGNATURE +-+-+-+
> Version: GnuPG v1.4.2 (GNU/Linux)
> .-. .-. _
> : : : : :_;
> .-' : .--. : `-. .-. .--. ,-.,-.
> ' .; :' '_.'' .; :: :' .; ; : ,. :
> `.__.'`.__.'`.__.':_;`.__,_;:_;:_;
>
> Kai "Ozgur" Geek
> Network Engineer
> PGP ID: B1B63B6E
> +-+-+-+ END PGP SIGNATURE +-+-+-+
>
>
> --
> _______________________________________________
> Check out the latest SMS services @ http://www.linuxmail.org
> This allows you to send and receive SMS through your mailbox.
>
> Powered by Outblaze
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
> -
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
+-+-+-+ BEGIN PGP SIGNATURE +-+-+-+
Version: GnuPG v1.4.2 (GNU/Linux)
.-. .-. _
: : : : :_;
.-' : .--. : `-. .-. .--. ,-.,-.
' .; :' '_.'' .; :: :' .; ; : ,. :
`.__.'`.__.'`.__.':_;`.__,_;:_;:_;
Kai "Ozgur" Geek
Network Engineer
PGP ID: B1B63B6E
+-+-+-+ END PGP SIGNATURE +-+-+-+
--
_______________________________________________
Check out the latest SMS services @ http://www.linuxmail.org
This allows you to send and receive SMS through your mailbox.
Powered by Outblaze
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list