Jan 18, 2010

Authentifikasi vpn ISA Server 2006 with freeradius (ubuntu 9.10)

--knowing--
just alternative user management untuk koneksi vpn ke ISA Server dengan menggunakan freeradius yang terinstall di ubuntu 9.10

--1--

instalalsi freeradius and mysql

[root@game]#apt-get install freeradius*
[root@game]#apt-get install mysql-server mysql-client phpmysql vim
[root@game]# freeradius -v
freeradius: FreeRADIUS Version 2.1.0....
.......

--note -> buat database bisa pake mysql or phpmyadmin. Default database 'radius'. Kemudian import scema database dari freeradius ke mysql.


[root@game]#mysql -u root 
mysql>create database radius;
mysql>GRANT ALL ON radius.* TO radius@localhost IDENTIFIED BY "password";
mysql>exit;
[root@game]# mysql -u root -p radius < /etc/freeradius/sql/mysql/schema.sql

--2--

[root@game]#vim /etc/freeradius/radiusd.conf 
# set 
proxy_requests  = yes
# to
proxy_requests  = no

[root@game]#vim /etc/freeradius/sql.conf 
#set koneksinya ke database mysql
server = "localhost"
login = "root"
password = "pass-mysql"

#dan uncoment baris dibawah ini

readclients = yes


[root@game]#vim  /etc/freeradius/sites-enabled/default
#hilangkan tanda # di depan "sql" di
authorize{
....
sql
...
}
accounting{
....
sql
...}
session{
....
sql
...}
post-auth{
....
sql
...}

[root@game]#vim  /etc/freeradius/clients.conf
.....
client localhost {
           ipaddr = 127.0.0.1
           secret  = testing123
           require_message_authenticator = no
           shortname   = localhost
           nastype   = other
}


......
#ini test untuk  network saya( silahkan mengikuti network masing masing)
client 192.168.1.0/24 {
        secret              = testing123
        shortname       = private-network-1
}


[root@game]# /etc/init.d/freeradius restart

--Sample user--

mysql> select * from radcheck;
+----+----------+---------------+----+-------+
| id | username | attribute     | op | value |
+----+----------+---------------+----+-------+
|  1 | jajal    | User-Password | := | jajal |
|  2 | fo       | User-Password | := | fo    |
|  3 | game     | User-Password | := | game  |
|  5 | sama     | User-Password | := | sama  |
+----+----------+---------------+----+-------+
4 rows in set (0.00 sec)


--testing and checking 1--

[root@game]# radtest game game localhost 1812 testing123
Sending Access-Request of id 109 to 127.0.0.1 port 1812
    User-Name = "game"
    User-Password = "game"
    NAS-IP-Address = 127.0.1.1
    NAS-Port = 1812
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=109, length=20

-- akses dari ISA Server 2006 --

 -note -> settingan vpn di ISA tidak dibahas di sini :D
 Buka properties Virtual Private Network >RADIUS. check use RADIUS dan klik RADIUS Server, seperti gambar. isikan shared secret sesuai di clinets.conf



--testing and checking 2--





sumber :
google.com
http://www.8021xhelp.com/node/6

0 comments:

Post a Comment

comment please ...