CHAPTER A: RADIUS SERVER AND CERTIFICATES SETTING UP A SIMPLE RADIUS SERVER
8 SERIES PROTECTIVE RELAY PLATFORM – COMMUNICATIONS GUIDE A-5
The following text defines a RADIUS client 8 Series unit with the assumption that its IP-
address is 10.0.0.2 and subnet mask is 255.255.255.0. The “secret” that is specified here is
also configured on the 8 Series unit for successful authentication. The “shortname” is a
short alias that can be used in place of the IP address and it is optional.
client 10.0.0.2/24 {
secret = testing123
shortname = private-network-1
}
DICTIONARY.GE
Create a file called “dictionary.ge” under the <Path_to_Radius>\etc\raddb directory and
add the following content to it:
# ##########################################################
# GE VSA’s
############################################################
VENDOR GE 2910
# Management authorization
BEGIN-VENDOR GE
# Role ID
ATTRIBUTE GE-UR-Role 1 integer
# GE-UR-ROLE values
VALUE GE-UR-Role Administrator 1
VALUE GE-UR-Role Supervisor 2
VALUE GE-UR-Role Engineer 3
VALUE GE-UR-Role Operator 4
VALUE GE-UR-Role Observer 5
END-VENDOR GE
#############################################################
DICTIONARY
Add the following line to the “dictionary” file present under <Path_to_Radius>\etc\raddb.
$INCLUDE dictionary.ge
EAP.CONF
The eap.conf file is available under the <Path_to_Radius>\etc\raddb directory.
Locate the “tls” block and add the respective entries as shown in figure A-2 to the
“private_key_file”, ”certificate_file” and “CA_file” fields.
To Next Page
Loading...
