RADIUS for other purposes

Home Page Forums Network Management ZeroShell RADIUS for other purposes

This topic contains 3 replies, has 0 voices, and was last updated by  ptaylor 12 years, 5 months ago.

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #40649

    ptaylor
    Member

    Is it possible to also allow PAP w/ the FreeRADIUS in zeroshell?

    I’m asking because we currently use Monowall for the Captive Portal and we are planning to implement WLAN via Zeroshell, but we’d like to point Monowall to authenticate its captive portal users via Zeroshell. As I understand it, it only supports PAP…

    Any idea how PAP could be added (so that 802.1X would continue to work)?

    Another alternative that I am considering would be to add a Windows 2003 domain controller for this.. I understand that Zeroshell will integrate w/ AD for user auth, and I’ve read that Monowall can be configured to work with IAS for its Captive Portal also…

    Thanks,
    Paul

    #45447

    imported_fulvio
    Participant

    Hi Paul.

    I have just tried with the FreeRadius server configured in ZeroShell with radtest utility.
    The result is the following:

    [fulvio@wks ~]$ radtest fulvio MyTestPassword 192.168.0.75 1 testsecret
    Sending Access-Request of id 204 to 192.168.0.75:1812
    User-Name = “fulvio”
    User-Password = “MyTestPassword”
    NAS-IP-Address = wks.example.com
    NAS-Port = 1
    rad_recv: Access-Accept packet from host 192.168.0.75:1812, id=204, length=20

    and the Zeroshell log is:
    12:27:04 Login OK: [fulvio] (from client server port 1)

    This indicates that PAP is active because User-Password = “MyTestPassword” is a not encrypted text password.
    Do you have already tried the captive portal of M0n0wall and it does not work with Zeroshell radius service?
    Are you sure you configured the shared secret correctly? You have to add the IP address and the shared secret of your Monowall server in the list of the accesspoints of Zeroshell.

    Regards
    Fulvio

    #45448

    ptaylor
    Member

    I did set the shared secret on Monowall and configured it as an access point in ZeroShell with the appropriate shared secret, but it did not work.

    I looked into Monowall a bit and it appeared to use PAP.

    The only thing unusual about my test is that the Monowall that I was attempting to use was on the other side of a firewall, so there is the possibility that something is amiss there, though I thought I had the firewall rules in place appropriately.

    I think that I’ll just move my test Monowall on to the same segment as Zeroshell to rule out any firewall issues and try again. Having both Monowall and Zeroshell going after the same user database would be a good thing.

    #45449

    imported_fulvio
    Participant

    Are you sure that the Zeroshell box with the RADIUS configured is contacted by M0n0wall with its IP and not with the IP of the Firewall (NAT enabled). In this case you have to add the shared secret with the IP of the firewall.
    Have you checked the log of the RADIUS server? If the problem is the shared secret then no messages are logged.

    Regards
    Fulvio

    #45450

    ptaylor
    Member

    It was my captive portal – It wasn’t allowing a reply from Zeroshell.

    It’s working properly now, though… Thanks!

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.