Friday, April 20, 2007

FreeRadius configure with CSPS----Writen by welv

1)Firstly,config your CSPS Authentication using Radius and Scheme using HTTP_Digest, then fill in your primary radius server's ip address and port,such as 10.74.51.42 and port is 1812(authentication default),next is Accounting,turn on and fill in primary server's address too.

2)Secondly,edit radiusd.conf,uncomment digest in Authenticate{},such as:

authenticate {
Auth-Type PAP {
pap
}
Auth-Type CHAP {
chap
}
Auth-Type MS-CHAP {
mschap
}
# If you have a Cisco SIP server authenticating against
# FreeRADIUS, uncomment the following line, and the 'digest'
# line in the 'authorize' section.
digest
......
}

you can see the reason why we need did like this from the comments

3)edit users file in the same directory:

DEFAULT Auth-Type := digest
Fall-Through = 1
......

4)insert some account data in mysql database,table radcheck:

Full Texts id UserName Attribute op Value
Edit Delete 1 pank User-Password == 1111
Edit Delete 2 vincent User-Password == 2222
Edit Delete 3 520601 Password == 520601
Edit Delete 4 512352 Password == 512352
Edit Delete 5 2471 Password == 2471
Edit Delete 6 512332 User-Password == 512332


5)insert some attributes in radgroupreply like this:

Full Texts id GroupName Attribute op Value
Edit Delete 1 user Service-Type == Framed-User
Edit Delete 2 user Framed-Protocol == PPP
Edit Delete 3 user Framed-Compression == Van-Jacobsen-TCP-IP

6)Now you can using your phone register to proxy 10.74.52.42,then it will proxy these register message to radius server 10.74.51.42 for authentication
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)