User Manual LTU Orion 3
38
NOTE: Don`t forget to restart freeradius server after changing configuration using
sudo service freeradius restart command.
3.2.2.9.2 Simplified RADIUS Server Setup
Alternatively we can setup the freeradius server without Vendor Specific dictionary file and declare
Vendor-Specific field in user configuration file instead
User configuration. File users
We need to create USERS with appropriate rights
User records are located at /etc/freeradius/users
# Orion3 User with Administration rights
ORION3ADMIN Cleartext-Password := "AdminPass"
Vendor-Specific = ALL,
Framed-IP-Address = 192.168.1.0,
Framed-IP-Netmask = 255.255.255.0
# Orion3 User with User rights. Basic change of configuration
ORION3USER Cleartext-Password := "UserPass"
Vendor-Specific = CONTROL,
Vendor-Specific += TEST,
Vendor-Specific += STATUS,
Vendor-Specific += CONFIG,
Framed-IP-Address = 192.168.1.0,
Framed-IP-Netmask = 255.255.255.0
# Orion3 User with Read-only rights
ORION3OPERATOR Cleartext-Password := "OperatorPass"
Vendor-Specific = TEST,
Vendor-Specific += STATUS,
Framed-IP-Address = 192.168.1.0,
Framed-IP-Netmask = 255.255.255.0
Without Vendor Specific Attributes defined, the server will send the message containing two fields:
<Vendor-Speci
f
ic>
<ACCESS
_RIGHTS_STRI
NG>.
No
vendor
ID
will
be
attached
to
the
message.
Client configuration file contains the same information as in the previous example.
Client configuration. File clients.conf.
We need to define RADIUS clients
Client configuration file contains the IP addresses of the modems with build-in RADIUS clients
and shared secret passphrase. File is located at /etc/freeradius/clients.conf
# FlexDSL Orion3 Clients
# Modems from network 192.168.1.0/24 will be authenticated using secret
# phrase. Don't forget to add "sharing secret" to Orion3 modem using
# RADIUS SECRET command
client 192.168.1.0/24 {
secret = My1stSecretCode4Radius
require_message_authenticator = no
nastype = other
}
NOTE: Don`t forget to restart freeradius server after changing configuration using
sudo service freeradius restart command.
To Next Page
Loading...
