Diferencia entre revisiones de «RADIUS»
De ENES Juriquilla
Sin resumen de edición |
Sin resumen de edición |
||
| Línea 78: | Línea 78: | ||
max_connections = 16 | max_connections = 16 | ||
lifetime = 0 | lifetime = 0 | ||
idle_timeout = 30 | |||
} | } | ||
} | } | ||
Revisión del 22:07 12 feb 2025
- Configuración de archivo radius.conf
Una vez instalado y configurado el servicio de LDAP., se procede a configurar el servicios de Radius
Se edita el archivo /etc/freeradius/3.0/radiusd.conf
prefix = /usr
exec_prefix = /usr
sysconfdir = /etc
localstatedir = /var
sbindir = ${exec_prefix}/sbin
logdir = /var/log/freeradius
raddbdir = /etc/freeradius/3.0
radacctdir = ${logdir}/radacct
name = freeradius
confdir = ${raddbdir}
modconfdir = ${confdir}/mods-config
certdir = ${confdir}/certs
cadir = ${confdir}/certs
run_dir = ${localstatedir}/run/${name}
db_dir = ${raddbdir}
libdir = /usr/lib/freeradius
pidfile = ${run_dir}/${name}.pid
correct_escapes = true
max_request_time = 30
cleanup_delay = 5
max_requests = 16384
hostname_lookups = no
log {
destination = files
colourise = yes
file = ${logdir}/radius.log
syslog_facility = daemon
stripped_names = no
auth = yes
auth_badpass = no
auth_goodpass = no
msg_denied = "You are already logged in - access denied"
}
checkrad = ${sbindir}/checkrad
ENV {
}
policy { $INCLUDE policy.d/ }
$INCLUDE sites-enabled/
- Configuración de clientes
'Se edita el archivo /etc/freeradius/3.0/clients.conf
A continuación se muestra el contenido ejemplo de las controladoras configuradas como clientes.
client 10.10.50.0/24 {
ipaddr = 10.10.50.0
prefix = 24
secret = 12345678
shortname = radENES
}
client my_radius {
ipaddr = 10.10.100.19
prefix = 24
secret = 12345678
shortname = radius_ldap
}
client 10.10.100.254{
ipaddr = 10.10.100.254
secret = 12345678
shortname = intraENES
}
client localhost {
ipaddr = 127.0.0.1
proto = *
secret = 12345678
require_message_authenticator = no
limit {
max_connections = 16
lifetime = 0
idle_timeout = 30
}
}
client localhost_ipv6 {
ipv6addr = ::1
secret = 12345678
}
