Only the parameters which are changing listed, the other parts of the file should be leaved intact. /private/etc/raddb/attrs … DEFAULT Tunnel-Type == VLAN, Tunnel-Medium-Type == IEEE-802, Tunnel-Private-Group-Id =* ANY, … /private/etc/raddb/radiusd.conf … max_request = 16384 proxy_requests = no $INCLUDE clients.conf … /private/etc/raddb/eap.conf … default_eap_type = peap #gtc […]
Categories Open Source systems
802.1x supplicants can be monitored and logged with mySQL and a simple php code. “Allow network connection” permission is required for mySQL connection. mySQL root password also can be asssinged at this moment. from mySQL CLI interface an additional configuration is required as written below: servername root#mysql –uroot –pabc123 mysql>CREATE DATABASE radius; […]
Log management with mySQL for 802.1x
The openLDAP schema need to be extended for some attributes those are not exist in default schema. After the schema extention, If you are using MAC OSX server, you can use “inspector mode” to assign VLANs to your users directly from server admin GUI with radiusTunnelPrivateGroupId attribute. During authentication process a LDAP […]
OpenLDAP scheme extension for 802.1x dynamic VLAN assignment
There are tools to create a Certification Authority and processing certificates in OpenSLL installation. Below you can find the steps to create a CA, a Radius server certificate and an IP Phone certificate. If your IP phones have no real time clock, you can change your servers clock temporarly to […]