INSTALL
CISTRON RADIUS ON LINUX
This paper is the
work of The Master Jedi Pimpsor AKA thehorse13, who has kindly
consented to it being hosted here on the TAZ.
The original post can be found here:
http://www.antionline.com/showthread.php?s=&threadid=239454
I've had some good feedback on my W2K RADIUS doc, so here is another
one I wrote for the Linux platform. I personally use this one and love
it!
Installing Cistron radius on a Linux platform
1.Download the software from ftp://ftp.radius.cistron.nl/pub/radius/
Download the file : radiusd-cistron-1.6.6.tar.gz
2.From the directory where you downloaded the software, unzip the
software with the following command: gunzip radius-cistron-1.6.6*
3.Now you must untar the file with the following command: tar –xvf
radius-cistron*
4.This creates a directory radius-cistron-1.6.6. Type cd
radius-cistron-1.6.6/src From this directory, type cp Makefile.lnx
./Makefile When prompted cp: overwrite ‘./Makefile’? type y.
5.Type make
6.Type make install
7.Type cd ../redhat From here you need to edit two lines in
rc.radiusd-redhat. Type vi rc.radiusd-redhat Use the arrow keys to move
the cursor down to the line RADIUSD=/usr/sbin/radiusd. Place the cursor
on the s of sbin and hit the i key. This will allow you to insert text.
Add local/ and hit the Esc key. Move down to the next line and edit the
line RADRELAY. Again, move the cursor on the s of sbin, and hit the i
key. Type local/ and hit Esc. To save you changes, type :wq and hit
enter. If you make any mistakes, type Esc and then type :q! which
allows you to quit without writing any changes to the file.
8.You now need to copy this file to another directory. Type cp
./rc.radiusd-redhat /etc/rc.d/init.d/radiusd
9.Now type cd /etc Type vi inittab In this file there is a line
id:x:initdefault where the x is a number representing the default run
level of the system. This number tells us which directory to install
radius as a service. Remember the number, and type :q to quit.
10.Type cd rc.d/rcx.d where x is the number from the inittab file.
In this directory, type ln /etc/rc.d/init.d/radiusd S27radiusd (The
first two characters are LN, but they must be lower case.)
11.The configuration files for radius are stored in /etc/raddb
There are two files that you need to edit, users and clients. First,
edit the clients. This file controls what servers are allowed to attach
to the radius server for authentication. There are a couple of default
entries already in the file. If you are running the radius server on
the vpn server, then keep the client localhost, but change the
testing123 to a different key. When you setup the vpn server, make sure
you give it the server address localhost, and the new secret key.
12.To add users, edit the users file. To add a user, you need to add
the following two lines:
Userid Auth-Type = Local, Password = “password”
Service-Type = Framed-User
13.To start and stop the service, cd /etc/rc.d/rcx.d where x is
your run level. Type ./S27radiusd start/stop to start or stop the
service. You will need to restart the service after changes are made to
the clients or users files in /etc/raddb.
If anyone has interest in setting LDAP on W2K, just send me a
message. I had the joy of setting that up about 6 months ago. Like
anything else I do, I document the hell out of it.
Hope this helps
Original Tutorial
Submitted by
Nokia for TheTAZZone-TAZForum
Originally posted on March 4th, 2006 here
Do not use, republish, in whole or in part, without the consent of
the Author. TheTAZZone policy is that Authors retain the rights to the
work they submit and/or post...we do not sell, publish, transmit, or
have the right to give permission for such...TheTAZZone merely retains
the right to use, retain, and publish submitted work within it's
Network.