D&C Lug - Home Page
Devon & Cornwall Linux Users' Group

[ Date Index ][ Thread Index ]
[ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Radius on DEBIAN (JITEFYOS)



> On Wed, Apr 16, 2003 at 11:20:40AM +0100, Pete Hatton wrote:
> > Hmm thats the packages, how about conifiguring it? Now thats the HARD bit 
> > :) (So I've been told) 
> 
> I heard Radius is so popular because it made things easy.
> 
> Anyway, again debian wins with dpkg-reconfigure

I doubt it, it certainly couldn't handle this scenario.  The radius server 
in question, had to be set up on a IPV6 network and connected to the IPV4 
network via a SSH2 tunnel, using SSH2 DSA public-private keys.  Then on 
the gateway, the VPN freeswan server had to connect back to the raduius 
server to get back to the IPV6 network.

The we had to get a apache server to connect to the Radius server, via 
another SSH tunnel, with a squid proxy in the way.  A quick fiddle with 
the iptables setuip on both the squid proxy server, and the raduius server 
soon sorted that, once we realised we needs a 2048 bit DSA public-private 
keyset to connect up the SSH tunnel.

Once the apache config was working, the radius server needed a mysql 
server installed to handle the SOAP XML-RPC requests coming from the 
apache server via https over a SSL 128 bit connection.  We still have a 
few minor problesm withe certificates, but thats due to the old 40bit 
browsers out there.

Next on the list to configure - the arp server, or do we get the RIP 
server working next?

Pete Hatton
---------------------------------
E-mail:  pete@xxxxxxxxxxxxx
Webpage: http://www.monolight.org
---------------------------------
Conquering Russia should be done steppe by steppe.


--
The Mailing List for the Devon & Cornwall LUG
Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the
message body to unsubscribe.


Lynx friendly