Make sure your dictionary file says "$INCLUDE dictionary.cisco", config the cisco router with something like:
radius-server host <radius ip> auth-port 1812 acct-port 1813
radius-server retransmit 2
radius-server deadtime 2
radius-server key <radius key>
Config some routers in the client file:
client 192.168.1.1{
secret = <radius key>
shortname = bla1
}
client 192.168.1.2{
secret = <radius key>
shortname = bla2
}
Config a user in the users file:
##### The following entry is for user: Matthew ####
matthew Password == "secret1"
Auth-Type = Accept
$enab15$ Service-type == Administrative-User, Password == "secret1"
Reply-Message = " Welcome to Exec-mode, Matthew. All rights granted.",
Auth-Type = Accept
The $enab15$ is sent bij some cisco boxes / ios versions as user for enable authentication.
And run radiusd with the -X option to see what happens.
That should give you a starting point.
Serge.
-----Oorspronkelijk bericht-----
Van: Matthew Schumacher [mailto:[EMAIL PROTECTED]]
Verzonden: dinsdag 2 oktober 2001 18:53
Aan: [EMAIL PROTECTED]
Onderwerp: Re: cisco config
Oh, ok,
I doing the radius sysadmin part. I have been tasked with setting up a
ldap-radius server. Some other guy does all the cisco stuff. I don't
even have access to any of our cisco NAS boxes.
I feel real dumb now...
schu
Miquel van Smoorenburg wrote:
> In article <[EMAIL PROTECTED]>,
> Matthew Schumacher <[EMAIL PROTECTED]> wrote:
>
>>Can someone tell me which config file I need to edit to add the cisco
>>configuration options listed in the docs/cisco file? I read though the
>>file, and it lists which configuration directives to use, but it doesn't
>>say one word about which config file they go into.
>>I should know this, but I don't, and it isn't obvious to me.
>>
>
> You're pretty new to this, right?
>
> The commands in doc/cisco are cisco commands, not radius server
> configuration directives. You enter them in configuration mode on your
> Cisco. You do need to know what you are doing though, the sample
> commands are to be treated as guidelines as the actual commands might
> differ between cisco IOS versions.
>
> Mike.
>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
