- 论坛徽章:
- 0
|
哪位老大有把FreeBSD做的RADIUS的方法????
out of date
for historical info only
How to install ascend radius on freebsd
run /stand/sysinstall
and select post installation configuration, and then install prepackaged programs.
do install from an FTP site, and select /globe/pub/FreeBSD
press to search, and look for "ascend"
install ascend-radius
exit sysinstall
type:
cd /usr/ports/net/ascend-radius
make
then:
cd /usr/local/etc/raddb
and create a file called "users" containing:
DEFAULT Password = "UNIX"
User-Service = Login-User,
Login-Service = Telnet
with perms:
-r-------- 1 root wheel 79 Oct 14 08:42 users
also, while in /usr/local/etc/raddb type:
cp clients-example clients
to create a default clients file.
Then, run
/usr/local/sbin/builddbm
to create a binary copy of the "users" file.
ensure that your /etc/services file contains:
radius 1645/udp #radiusd
(or use port 1812 for the official correct port. 1645 is the old incorrect port. Waterloo Polaris will work with any port you want, since you have to tell the server which port to use)
Run...
/usr/local/sbin/radiusd.dbm
to start the daemon. Whenever you edit the users or clients file, run builddbm again, and kill the radiusd.dbm process and restart it.
View /usr/local/etc/raddb/logfile to look for errors.
Add the /usr/local/sbin/radiusd.dbm command to your /etc/rc.local file so that it starts after a reboot.
Later, you can configure your Watstar servers to use your radius server for password checking. That will require a new central.exe to be distributed (coming soon), and some EDPARing to specify the radius host, port, etc. You will have to edit the "clients" file and specify all of your watstar server ipnames, which a "secret" for each (a 16 character string). The "secret" is entered via EDPAR also. This shared secret prevents packet snooping from determining passwords. |
|