Sunday, April 24, 2016

pppoe server on linux system with radius authentication backend

by default pppoe-server (pppd) will authenticate and authorize by using user password from  /etc/ppp/chap-secrets that have format like below
username        service-type password                  IP addresses
with such format, the options is limited. so to get a more options, we can  configure pppoe-server to authenticate against radius server.

*** setup information ***
-  radius and pppoe will be install on the same server
1-follow the link below until finish "pppoe server" section
http://www.atechnote.com/2016/04/setup-your-own-pppoe-server-on-linux.html
after complete this step you will the work and running pppoe server

2- follow the link below until finish "on radius server " section
http://www.atechnote.com/2016/04/setup-radius-server-for-pppoe.html
after than you will get work and running freeradius server. the username and password also created as user8/pass8

--------------------------------

*** on radius server ***
1- install radius client library
$ sudo apt-get install libfreeradius-client2

2- create empty  file called port-id-map in /etc/radiusclient directory
$ cd /etc/radiusclient; sudo touch port-id-map

3- add radius ip address + secret to servers, /etc/radiusclient;/servers
localhost       testing123

4- update pppoe setting file  /etc/ppp/pppoe-server-options
plugin radius.so
plugin radattr.so
ms-dns 8.8.8.8
asyncmap 0
noauth
crtscts
lock
hide-password
modem
debug
proxyarp
lcp-echo-interval 10
lcp-echo-failure 2
noipx

require-chap
ktune
nobsdcomp
noccp
novj


5- run pppoe server again you, and it will authenticate to our local radius server. if you alaready run pppoe server, kill it first.
$ sudo killall pppoe-server
$ sudo pppoe-server -I eth1 -p /etc/ppp/pppoe1-pool  -L 10.0.0.1

+++ now everything is ready and we can use windows client to dial pppoe connection to our pppoe server

- below screenshot from windows xp using username user8 and password pass8


No comments:

Post a Comment