Procurve Radius Server Integration: Difference between revisions

From Xinux Wiki
Zeile 33: Zeile 33:
 
*configure terminal
 
*configure terminal
 
*aaa port-access mac-based 22
 
*aaa port-access mac-based 22
 +
=Config anzeigen=
 +
*show port-access ethernet 22 mac-based config
 +
<pre>
 +
Port Access MAC-Based Configuration
 +
 +
  MAC Address Format : no-delimiter
 +
 +
                Client Client Logoff    Re-Auth  Unauth  Auth   
 +
  Port  Enabled  Limit  Moves  Period    Period    VLAN ID  VLAN ID
 +
  ----- -------- ------ ------ --------- --------- -------- --------
 +
  22    Yes      2      No    300      0        0        0     
 +
</pre>
 
=Clients anzeigen=
 
=Clients anzeigen=
 
==Nicht erfolgreich==
 
==Nicht erfolgreich==
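
Review bot: The added `show port-access ethernet 22 mac-based config` output lists a Client Limit of 2 for port 22, but the steps before it only show `aaa port-access mac-based 22`; if that limit was set by a separate command, add it to the MAC-based access section so the output can be reproduced. The pasted table would also benefit from one sentence on what the zero values under Re-Auth Period, Unauth VLAN ID and Auth VLAN ID mean for this port.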

Revision as of 14 April 2016, 10:18

Freeradius

  • head -3 /etc/freeradius/users
60eb69962da5  Cleartext-Password := "60eb69962da5"
xinux  Cleartext-Password := "suxer"
rudi  Cleartext-Password  := "wiggel"
  • tail -8 /etc/freeradius/clients.conf
client lan-clients {
 ipaddr = 192.168.240.0
 netmask = 21
 secret = sysadm
 require_message_authenticator = no
 nastype = other
}

Set up the RADIUS server

  • configure terminal
  • radius-server host 192.168.244.49 auth-port 1812 acct-port 1813
  • radius-server key sysadm
  • end

Set general port-access Parameters

  • configure terminal
  • aaa authentication ssh login radius local
  • aaa authentication ssh enable radius local
  • aaa authentication console login radius local
  • aaa authentication console enable radius local
  • aaa authentication login privilege-mode
  • end

General parameters

  • configure terminal
  • aaa authentication port-access eap-radius
  • end

MAC-based access

  • configure terminal
  • aaa port-access mac-based 22

Show config

  • show port-access ethernet 22 mac-based config
 Port Access MAC-Based Configuration

  MAC Address Format : no-delimiter

                 Client Client Logoff    Re-Auth   Unauth   Auth    
  Port  Enabled  Limit  Moves  Period    Period    VLAN ID  VLAN ID 
  ----- -------- ------ ------ --------- --------- -------- --------
  22    Yes      2      No     300       0         0        0       

Show clients

Not successful

  • show port-access ethernet 22 mac-based
 Port Access MAC-Based Status

        Authenticated Unauthenticated Current 
  Port  Clients       Clients         VLAN ID 
  ----- ------------- --------------- --------
  22    0             1               10      

Successful

  • show port-access ethernet 22 mac-based
 Port Access MAC-Based Status

        Authenticated Unauthenticated Current 
  Port  Clients       Clients         VLAN ID 
  ----- ------------- --------------- --------
  22    1             0               10      
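
The switch reports `MAC Address Format : no-delimiter`, and the entry in /etc/freeradius/users uses the MAC in that form as both user name and password. The following is an added example, not part of the original wiki page: it normalises MAC addresses written in other notations to that form and builds matching users entries. The function names and the sample list are assumptions made for illustration.

```python
import re

# Constructed sample input: MAC addresses as they might appear in an inventory
# (colon, hyphen, dotted notation). Only 60eb69962da5 comes from the page.
SAMPLE_MACS = [
    "60:EB:69:96:2D:A5",
    "60-eb-69-96-2d-a5",   # same device, different notation
    "60eb.6996.2da5",      # same device again, dotted notation
    "00:11:22:33:44",      # one octet missing, must be rejected
    "aa:bb:cc:dd:ee:ff",
]

_SEPARATORS = re.compile(r"[:\-.]")
_HEX12 = re.compile(r"[0-9a-f]{12}")


def normalize_mac(raw):
    """Return the MAC as 12 lowercase hex digits (no-delimiter form).

    Raises ValueError if the input is not a 48-bit MAC address.
    """
    mac = _SEPARATORS.sub("", raw.strip()).lower()
    if not _HEX12.fullmatch(mac):
        raise ValueError(f"not a MAC address: {raw!r}")
    return mac


def users_entries(macs):
    """Return (lines, rejected): users-file lines and the inputs that failed."""
    seen, lines, rejected = set(), [], []
    for raw in macs:
        try:
            mac = normalize_mac(raw)
        except ValueError:
            rejected.append(raw)
            continue
        if mac in seen:          # same device listed twice in another notation
            continue
        seen.add(mac)
        # Same layout as the entry shown under "Freeradius" on this page.
        lines.append(f'{mac}  Cleartext-Password := "{mac}"')
    return lines, rejected


if __name__ == "__main__":
    entries, bad = users_entries(SAMPLE_MACS)
    print("\n".join(entries))
    for raw in bad:
        print(f"# rejected: {raw}")
```
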
