...
Code Block |
---|
apt-get install freeradius
systemctl enable freeradius.service |
Modify /etc/freeradius/3.0/mods-available/eap:
...
Modify /etc/freeradius/3.0/sites-available/default, comment the following lines:
Code Block |
---|
# InAll the authorize section: chap mschap digest files -ldap pap # In the authenticate section: Auth-Type PAP { pap } Auth-Type CHAP { chap } Auth-Type MS-CHAP { mschap listen sections except the IPv4 version with "type = auth" listen { ipaddr = * port = 0 type = acct limit { } } listen { type = auth ipv6addr = :: # any. ::1 == localhost port = 0 limit { max_connections = 16 lifetime = 0 idle_timeout = 30 } } listen { ipv6addr = :: port = 0 type = acct limit { } } # In the authorize section: chap mschap digest files -ldap pap # In the authenticate section: Auth-Type PAP { pap } Auth-Type CHAP { chap } Auth-Type MS-CHAP { mschap } mschap digest |
Uncomment the following line in the 'authorize' section, and add it at the end of the 'post-auth' section:
...
Modify /etc/freeradius/3.0/sites-available/inner-tunnel, comment the following lines:
Code Block |
---|
# The whole listen section
listen {
ipaddr = 127.0.0.1
port = 18120
type = auth
}
# In the authorize section:
chap
mschap
files
-ldap
# In the authenticate section:
Auth-Type PAP {
pap
}
Auth-Type CHAP {
chap
}
Auth-Type MS-CHAP {
mschap
} |
...