radius and cisco
Alan DeKok
aland at deployingradius.com
Tue Feb 19 22:48:51 CET 2008
Jim McIver wrote:
> I'm a newbie and looking for instructions on how to setup FreeRADIUS
> Version 1.1.7 on a SLES 10 linux box to use for authenication and
> logging for a cisco 2801 router. I want to track users connecting
> from the outside world using Cisco's vpn client and cisco sayes
> radius is the answer.
Yes.
> I'd like to start with just allowing users from the linux /etc/passwd
> access and then move onto authenication from my Netware 6.5 LDAP
> server.
See the FAQ for getting started with FreeRADIUS.
> I've read all I can find on freeradius.org and cisco, but still don't
> understand....hard learner I guess.
>
> radiusd -xx gives:
...
> Ready to process requests.
And no packets. The server has to receive a request for it to be able
to do something.
> My radius.conf is what was installed as default.
> Q1? Do I need to add anything other than the below to client.conf?
No.
> I believe the relavent part of the users file is:
>
> DEFAULT Auth-Type = System
> Fall-Through = 1
Yes.
> Notes I've read say to change this to 255.255.255.255 ??
Maybe. Only if you're assigning IP addresses.
> Q2? I believe I also need to add something similar to the below in
> the users file?
Not if the users are being authenticated from /etc/passwd.
> Q3? Does "youruser" and "somepass" need to be a valid user from
> /etc/passwd? I'm unclear if there is a link between users in this
> file and valid users in /etc/passwd of the linux box.
They are independent.
Alan DeKok.
More information about the Freeradius-Users
mailing list