Hi Jim -
On Sun, 15 Aug 1999, Jim Mercer wrote:
> a client of mine recently purchased Radiator (on my advice, even though i
> hadn't installed it before).
>
> i've mostly got it working, but have a few problems i can't seem to solve:
>
> we have:
> 2 - USR Total Control (don't have the model handy)
> 2 - FreeBSD 2.2.6 Unix servers
> password/group files are shared using NIS/yp
>
> after some stuggles, i managed to get to the attached configuration files.
> (it would be nice if some of the unix oriented stuff was a bit more
> highlighted)
>
> my outstanding issues are as follows:
>
> - need to either:
> - deny access to users is group "noppp" (gid 102)
> - only allow access to users is group "users" (gid 101)
I don't understand the requirements above - could you expain?
> - default simultaneous use to 1
> - i've tried several of the recipes in the docs and it doesn't seem to
> work, even without SNMP.
You should use "MaxSessions 1" in your <Realm DEFAULT>
(DefaultSimultaneousUse is an AuthBy parameter)
<Realm DEFAULT>
MaxSessions 1
....
....
</Realm>
And you should verify that your SNMP configuration between your Radiator hosts
and your NAS's is correct and functioning.
>
> /usr/local/etc/radius.cfg:
> --------------------------------
> AuthPort 1645
> AcctPort 1646
> SnmpgetProg /usr/local/bin/snmpget
> DefaultSimultaneousUse 1
>
> Trace 3
> LogDir /home/logs/radius
>
> DbDir /usr/local/etc/raddb
>
> <Client dial-1.cybrnet.net>
> Secret ????????
> IgnoreAcctSignature
> NasType TotalControlSNMP
> </Client>
> <Client dial-2.cybrnet.net>
> Secret ????????
> IgnoreAcctSignature
> NasType TotalControlSNMP
> </Client>
>
> <Realm DEFAULT>
> <AuthBy SYSTEM>
> </AuthBy>
> AcctLogFileName %L/%C/detail
> </Realm>
>
> <SessionDatabase DBM>
> # The name of the DBM file. Defaults on %D/online
> Filename %D/online
> </SessionDatabase>
> --------------------------------
>
> /usr/local/etc/raddb/users:
> --------------------------------
> DEFAULT
> Framed-Protocol = PPP,
> Service-Type = Framed-User,
> Idle-Timeout = 1200,
> Framed-Protocol = PPP,
> Framed-IP-Address = 255.255.255.254,
> Framed-MTU = 1500
> --------------------------------
>
And you only need one "Framed-Protocol = PPP" above.
hth
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsod
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
