Help needed configuring MAB on FreeRADIUS and Cisco switch
Kaya Saman
kayasaman at gmail.com
Fri Jul 13 18:03:19 CEST 2012
Hi,
I've created a server running CentOS 6.2 and FreeRADIUS 2.1.10-5. I
have also installed the latest DaloRADIUS on the system to provide a
web UI, since ultimately that is where people will be provisioning
systems from; I believe it is installed correctly.
I also have a Cisco 3560G switch, with which my aim is to create a
dynamic way of allocating VLANs, similar to VMPS, only using
modern standards.
So far amongst others I have been following these pages:
http://wiki.freeradius.org/Cisco
http://wiki.freeradius.org/Mac-Auth
My configuration in the Cisco switch is attached:
In regards to the RADIUS config, I have these tables on MySQL:
+------------------------+
| Tables_in_radius       |
+------------------------+
| batch_history          |
| billing_history        |
| billing_merchant       |
| billing_paypal         |
| billing_plans          |
| billing_plans_profiles |
| billing_rates          |
| cui                    |
| dictionary             |
| hotspots               |
| invoice                |
| invoice_items          |
| invoice_status         |
| invoice_type           |
| nas                    |
| node                   |
| operators              |
| operators_acl          |
| operators_acl_files    |
| payment                |
| payment_type           |
| proxys                 |
| radacct                |
| radcheck               |
| radgroupcheck          |
| radgroupreply          |
| radhuntgroup           |
| radippool              |
| radpostauth            |
| radreply               |
| radusergroup           |
| realms                 |
| userbillinfo           |
| userinfo               |
| wimax                  |
+------------------------+
This is what clients.conf shows:
client switch1 {
    ipaddr = 10.0.0.1
    secret = pass
}
My sql.conf file has these lines in it:
sql {
    #
    #  Set the database to one of:
    #
    #    mysql, mssql, oracle, postgresql
    #
    database = "mysql"
    #
    #  Which FreeRADIUS driver to use.
    #
    driver = "rlm_sql_${database}"
    # Connection info:
    server = "localhost"
    #port = 3306
    # login = "radius"
    # password = "radpass"
    login = "root"
The username for the SQL server is root and no password has been set:
this is ok as the server is not connected to any network other than
the switch, which is also not connected to anything!!
In DaloRADIUS I created a user using the MAC address of my test laptop,
to which I then added: the AUTH-TYPE field as ACCEPT; EGRESS-VLANID
field as 10; EGRESS-VLAN NAME as TEST_VLAN
Unfortunately this hasn't worked and I am definitely missing something
here, but what, I'm not sure.
I am not very familiar with RADIUS (still learning) and, through the
documentation I have been reading, running any of the Cisco debug
commands or sh radius stuff didn't really tell me if the switch was
even linked to the server.
I additionally don't see anything in any of the RADIUS logs either...
This is all I get:
# cat radius.log
Tue Jul 10 12:11:17 2012 : Info: Loaded virtual server inner-tunnel
Tue Jul 10 12:11:17 2012 : Info: Loaded virtual server <default>
Tue Jul 10 12:11:17 2012 : Info: Ready to process requests.
Wed Jul 11 10:46:02 2012 : Info: Exiting normally.
Wed Jul 11 10:46:02 2012 : Info: Loaded virtual server inner-tunnel
Wed Jul 11 10:46:02 2012 : Info: Loaded virtual server <default>
Wed Jul 11 10:46:02 2012 : Info: Ready to process requests.
Wed Jul 11 11:01:47 2012 : Info: Exiting normally.
I have even tried running radiusd -sX and radiusd -X which did not
print ANY debug output whatsoever :-(
Can anybody help me in getting started trying to figure out the problem?
Regards,
Kaya
-------------- next part --------------
A non-text attachment was scrubbed...
Name: switch-confg
Type: application/octet-stream
Size: 2514 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120713/dbe4088b/attachment.obj>
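
One way to check whether the RADIUS server answers a MAB-style request at all, independently of the switch (an added example, not part of the original post or of FreeRADIUS). It assumes default Cisco IOS MAB behaviour: the MAC address as lowercase hex without separators in both User-Name and User-Password, and Service-Type Call-Check. The function names and the MAC address are made up for illustration.

```python
import hashlib, os, socket, struct

def hide_password(password, secret, authenticator):
    """RFC 2865 sec. 5.2: XOR 16-byte blocks with MD5(secret + previous block)."""
    padded = password + b"\x00" * (-len(password) % 16)
    out, prev = b"", authenticator
    for i in range(0, len(padded), 16):
        key = hashlib.md5(secret + prev).digest()
        prev = bytes(p ^ k for p, k in zip(padded[i:i + 16], key))
        out += prev
    return out

def attr(code, value):
    """Encode one attribute as type, length, value."""
    return struct.pack("!BB", code, len(value) + 2) + value

def build_mab_request(mac, secret, nas_ip, ident=1, authenticator=None):
    """Access-Request shaped like Cisco MAB: MAC as User-Name and User-Password."""
    if authenticator is None:
        authenticator = os.urandom(16)
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError("expected a 48-bit MAC address")
    user = digits.encode()
    station = "-".join(digits[i:i + 2] for i in range(0, 12, 2)).upper().encode()
    attrs = (attr(1, user)                                          # User-Name
             + attr(2, hide_password(user, secret, authenticator))  # User-Password
             + attr(4, socket.inet_aton(nas_ip))                    # NAS-IP-Address
             + attr(6, struct.pack("!I", 10))      # Service-Type = Call-Check
             + attr(31, station)                   # Calling-Station-Id
             + attr(61, struct.pack("!I", 15)))    # NAS-Port-Type = Ethernet
    return struct.pack("!BBH", 1, ident, 20 + len(attrs)) + authenticator + attrs

def send_request(packet, secret, server, port=1812, timeout=3.0):
    """Send the packet; return the reply name, or None if nothing came back."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(packet, (server, port))
        try:
            reply, _ = s.recvfrom(4096)
        except socket.timeout:
            return None
    # Response Authenticator = MD5(code + id + length + request auth + attrs + secret)
    expected = hashlib.md5(reply[:4] + packet[4:20] + reply[20:] + secret).digest()
    if reply[4:20] != expected:
        return "reply with bad authenticator (shared secret mismatch?)"
    return {2: "Access-Accept", 3: "Access-Reject"}.get(reply[0], "code %d" % reply[0])

if __name__ == "__main__":
    # Constructed MAC; "pass" and 10.0.0.1 are the clients.conf values quoted in the post.
    print(build_mab_request("00:11:aa:bb:cc:dd", b"pass", "10.0.0.1").hex())
```

FreeRADIUS only answers packets whose source address matches a `client` entry, so the host running this needs its own entry in clients.conf. A `None` from `send_request` means no reply arrived within the timeout.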