"Sinisa Burina" <[EMAIL PROTECTED]> wrote: > MS-CHAPv2/EAP/LEAP support in FreeRadius caught my eye recently, and I > started to consider replacing XTRadius with FreeRadius on my company's > system. Currently I do everything (authentication, authorization and > accounting) by external scripts, with custom MySQL database in the > background that holds all the information and flags for ADSL/VPN > accounts.
FreeRADIUS can do this without running external scripts. > Can anyone give me at least a hint on how to acomplish this? As I > understand, Auth-Type "External" doesn't exist in FR, so it has to take > over authentication process from my script and, hopefully, enhance it > with support for additional authentication protocols. :-) I would suggest that you build a *new* configuration for FreeRADIUS to do what you want, instead of copying the old XTRadius configuration. It will be much easier to do than duplicating XTRadius, and it's something you'll want to do anyhow. > My current XTR users file is as follows: > > (Script "proc_check" currently takes care of username/password > verification for PAP and CHAP.) That is very much unnecessary with FreeRADIUS. > DEFAULT Acct-Status-Type =3D "Start" > Exec-Program-Account =3D "/path/to/proc_start %u" > > DEFAULT Acct-Status-Type =3D "Stop" > Exec-Program-Account =3D "/path/to/proc_stop %u" > > DEFAULT Acct-Status-Type =3D "Alive" > Exec-Program-Account =3D "/path/to/debug update" These can be put into the 'acct_users' file. Change Exec-Program-Account to Exec-Program-Wait, and accounting should work. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
