-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Márcio Luciano Donada escreveu: > Boa tarde, Alguém tem o mpd funcionando com o radius? Gostaria de > trocar umas idéias em off mesmo. > > Abraço,
Depois de muita briga com o mpd e radius, passo abaixo a configuração para autenticação do mpd e radius no ldap. mpd.conf: default: load pptp pptp: load pptp1 load pptp2 load pptp3 load pptp4 pptp0: new -i ng1 pptp0 pptp0 load pptp-conf set ipcp ranges 121.1.254.254/32 121.1.254.100/32 pptp1: new -i ng1 pptp1 pptp1 load pptp-conf set ipcp ranges 121.1.254.254/32 121.1.254.101/32 pptp2: new -i ng2 pptp2 pptp2 load pptp-conf set ipcp ranges 121.1.254.254/32 121.1.254.102/32 pptp3: new -i ng3 pptp3 pptp3 load pptp-conf set ipcp ranges 121.1.254.254/32 121.1.254.103/32 pptp4: new -i ng4 pptp4 pptp4 load pptp-conf set ipcp ranges 121.1.254.254/32 121.1.254.104/32 pptp5: new -i ng5 pptp5 pptp5 load pptp-conf set ipcp ranges 121.1.254.254/32 121.1.254.105/32 pptp-conf: load radius set bundle yes radius-acct set iface disable on-demand set iface enable proxy-arp set iface idle 1800 set bundle disable multilink set link yes acfcomp protocomp set link no pap chap set link enable chap set link keep-alive 10 240 set ipcp yes vjcomp set ipcp nbns 200.228.43.2 set ipcp dns 200.228.43.2 set bundle enable compression set ccp yes mppc set ccp yes mpp-e40 set ccp yes mpp-e128 set ccp yes mpp-stateless radius: set radius config /etc/radius/radius.conf set radius retries 3 set radius timeout 3 set radius acct-update 300 set bundle enable radius-auth radius-fallback set bundle enable radius-acct set iface enable radius-idle radius-session radius-mtu radius-route set bundle enable compression set ccp yes mppc set ccp enable radius no radiusd.conf: prefix = /usr/local exec_prefix = ${prefix} sysconfdir = ${prefix}/etc localstatedir = /var sbindir = ${exec_prefix}/sbin logdir = /var/log raddbdir = ${sysconfdir}/raddb radacctdir = ${logdir}/radacct confdir = ${raddbdir} run_dir = ${localstatedir}/run/radiusd log_file = ${logdir}/radius.log libdir = ${exec_prefix}/lib pidfile = ${run_dir}/radiusd.pid max_request_time = 30 delete_blocked_requests = no cleanup_delay = 5 max_requests = 1024 bind_address = * port = 0 hostname_lookups = no allow_core_dumps = no regular_expressions = yes extended_expressions = yes log_stripped_names = no log_auth = yes log_auth_badpass = no log_auth_goodpass = no usercollide = no lower_user = no lower_pass = no nospace_user = no nospace_pass = no checkrad = ${sbindir}/checkrad $INCLUDE ${confdir}/clients.conf modules { mschap { authtype = MS-CHAP } ldap { server = "localhost" basedn = "ou=Users,dc=auroraalimentos,dc=com,dc=br" filter = "(uid=%{Stripped-User-Name:-%{User-Name}})" start_tls = no ldap_connections_number = 5 timeout = 4 timelimit = 3 net_timeout = 1 } } authorize { ldap mschap } authenticate { Auth-Type MS-CHAP { mschap } } /usr/local/etc/raddb/users (importantíssimo) DEFAULT Auth-Type = LDAP Fall-Through = 1 cd /etc/radius.conf acct 127.0.0.1 senha_do_cliente_radius auth 127.0.0.1 senha_do_cliente_radius Acho que era isso. Abraço, -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGlOJmbjyCr4Ixg0wRAjZTAJ9Lulo8apTrQAccWc68ZcGOmsZdJwCgheBT Xdv42UStNVHgt7Rx16WC1Mo= =hbuZ -----END PGP SIGNATURE----- ------------------------- Histórico: http://www.fug.com.br/historico/html/freebsd/ Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd