User Manual LTU Orion 3
37
#
#
# Radius settings for FlexDSL units
#
#
VENDOR FlexDSL 4249
BEGIN-VENDOR FlexDSL
ATTRIBUTE FlexDSL-Rights 0 string
END-VENDOR FlexDSL
As a second step we need to connect newly created Vendor Specific file to the freeradius
dictionary file:
File is located at /usr/share/freeradius/dictionary
String to add:
$INCLUDE dictionary.flexdsl
If Vendor Specific Attributes are used, the server will send the message containing two fields:
<Vendor-Specific> <4249 0 ACCESS_RIGHTS_STRING>. Here 4249 is Vendor ID of FlexDSL
Telecommunications AG. ACCESS_RIGHTS_STRING contains the user privileges.
Client configuration. File clients.conf.
We need to define RADIUS clients
Client configuration file contains the IP addresses of the modems with build-in RADIUS clients
and shared secret passphrase. File is located at /etc/freeradius/clients.conf
# FlexDSL Orion3 Clients
# Modems from network 192.168.1.0/24 will be authenticated using secret
# phrase. Don't forget to add "sharing secret" to Orion3 modem using
# RADIUS SECRET command
client 192.168.1.0/24 {
secret = My1stSecretCode4Radius
require_message_authenticator = no
nastype = other
}
User configuration. File users
We need to create USERS with appropriate rights
User records are located at /etc/freeradius/users
# Orion3 User with Administration rights
ORION3ADMIN Cleartext-Password := "AdminPass"
FlexDSL-Rights = ALL,
Framed-IP-Address = 192.168.169.0,
Framed-IP-Netmask = 255.255.255.0
# Orion3 User with User rights. Basic change of configuration
ORION3USER Cleartext-Password := "UserPass"
FlexDSL-Rights = CONTROL,
FlexDSL-Rights += TEST,
FlexDSL-Rights += STATUS,
FlexDSL-Rights += CONFIG,
Framed-IP-Address = 192.168.169.0,
Framed-IP-Netmask = 255.255.255.0
# Orion3 User with Read-only rights
ORION3OPERATOR Cleartext-Password := "OperatorPass"
FlexDSL-Rights = TEST,
FlexDSL-Rights += STATUS,
Framed-IP-Address = 192.168.169.0,
Framed-IP-Netmask = 255.255.255.0
To Next Page
Loading...
