Difference between revisions of "Radius"
From SME Server
Jump to navigationJump to searchm (just formatting) |
m (formatting) |
||
| Line 6: | Line 6: | ||
Radius should work out of the box for WPA2 AP. You have to create a host for your AP, with the correct IP of your AP, then set the radius secret: | Radius should work out of the box for WPA2 AP. You have to create a host for your AP, with the correct IP of your AP, then set the radius secret: | ||
| − | + | <pre> | |
| − | |||
db hosts setprop ap.domain.tld RadiusKey SuperSecretThing | db hosts setprop ap.domain.tld RadiusKey SuperSecretThing | ||
| − | |||
signal-event remoteaccess-update | signal-event remoteaccess-update | ||
| − | + | </pre> | |
| − | |||
If you want to test radius with '''radtest''' (yum install freeradius-utils) it doesn't work as is you need to do the following: | If you want to test radius with '''radtest''' (yum install freeradius-utils) it doesn't work as is you need to do the following: | ||
| Line 18: | Line 15: | ||
Add this template to '''/etc/e-smith/templates-custom/etc/raddb/users/40ldap''' | Add this template to '''/etc/e-smith/templates-custom/etc/raddb/users/40ldap''' | ||
| − | DEFAULT Auth-Type := LDAP | + | DEFAULT Auth-Type := LDAP |
expand the raddb/uses template and any user in LDAP can be used in radtest. | expand the raddb/uses template and any user in LDAP can be used in radtest. | ||
Latest revision as of 14:10, 31 December 2018
Radius is configured to a minimal level on a standard SME9 installation. Out of the box it is used for PPTP VPN user authentication.
Daniel B. Provided the following information regarding using radius on SME as an authentication source for WPA2 Enterprise.
Radius should work out of the box for WPA2 AP. You have to create a host for your AP, with the correct IP of your AP, then set the radius secret:
db hosts setprop ap.domain.tld RadiusKey SuperSecretThing signal-event remoteaccess-update
If you want to test radius with radtest (yum install freeradius-utils) it doesn't work as is you need to do the following:
Add this template to /etc/e-smith/templates-custom/etc/raddb/users/40ldap
DEFAULT Auth-Type := LDAP
expand the raddb/uses template and any user in LDAP can be used in radtest.
Command format:
radtest {username} {password} {hostname} 10 {radius_secret}
