Re: (RADIATOR) problems with Radiator and USR TC, FreeBSD 2.2.6, NIS, Simul-Use

[Hugh Irvine]

Hi Jim -

On Sun, 15 Aug 1999, Jim Mercer wrote:
 a client of mine recently purchased Radiator (on my advice, even though i
 hadn't installed it before).
 
 i've mostly got it working, but have a few problems i can't seem to solve:
 
 we have:
 2 - USR Total Control (don't have the model handy)
 2 - FreeBSD 2.2.6 Unix servers
   password/group files are shared using NIS/yp
 
 after some stuggles, i managed to get to the attached configuration files.
 (it would be nice if some of the unix oriented stuff was a bit more
 highlighted)
 
 my outstanding issues are as follows:
 
 - need to either:
 - deny access to users is group "noppp" (gid 102)
 - only allow access to users is group "users" (gid 101)

I don't understand the requirements above - could you expain?

 - default simultaneous use to 1
 - i've tried several of the recipes in the docs and it doesn't seem to
   work, even without SNMP.

You should use "MaxSessions 1" in your Realm DEFAULT
(DefaultSimultaneousUse is an AuthBy parameter)

Realm DEFAULT
MaxSessions 1


/Realm

And you should verify that your SNMP configuration between your Radiator hosts
and your NAS's is correct and functioning.

 
 /usr/local/etc/radius.cfg:
 
 AuthPort 1645
 AcctPort 1646
 SnmpgetProg /usr/local/bin/snmpget
 DefaultSimultaneousUse 1
 
 Trace 3
 LogDir /home/logs/radius
 
 DbDir /usr/local/etc/raddb
 
 Client dial-1.cybrnet.net
 Secret 
 IgnoreAcctSignature
 NasType TotalControlSNMP
 /Client
 Client dial-2.cybrnet.net
 Secret 
 IgnoreAcctSignature
 NasType TotalControlSNMP
 /Client
 
 Realm DEFAULT
 AuthBy SYSTEM
 /AuthBy
 AcctLogFileName %L/%C/detail
 /Realm
 
 SessionDatabase DBM
 # The name of the DBM file. Defaults on %D/online
 Filename %D/online
 /SessionDatabase
 
 
 /usr/local/etc/raddb/users:
 
 DEFAULT
 Framed-Protocol = PPP,
 Service-Type = Framed-User,
 Idle-Timeout = 1200,
 Framed-Protocol = PPP,
 Framed-IP-Address = 255.255.255.254,
 Framed-MTU = 1500
 
 

And you only need one "Framed-Protocol = PPP" above.

hth

Hugh

--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsod


===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) problems with Radiator and USR TC, FreeBSD 2.2.6, NIS, Simul-Use

[tom minchin]

On Sun, Aug 15, 1999 at 06:24:43PM +1000, Hugh Irvine wrote:
  my outstanding issues are as follows:
  
  - need to either:
  - deny access to users is group "noppp" (gid 102)
  - only allow access to users is group "users" (gid 101)
 
 I don't understand the requirements above - could you expain?
 
Probably want to use the Group Check item in your DEFAULT and per-user
entries.

DEFAULT Group = "users"
...

auser   Group = "users"
...

Any other users not in that group will be denied by default.

[EMAIL PROTECTED]

===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.