Luteus realeases this free Radius
Server for testing and evaluation. This simple not for production
software allows you to interface your access devices with Radius
Server and check user access.
The main goal of the Radius server
(Remote Authentication Dial-In User Service) is to centralize the
authentication information (name, password, keys ..) attached to
users. It is frequently used with Remote Access Server equipments
and Dial-in users. This Program is the server part of the Radius
client/server architecture. RADIUS is described in RFC 2865.
RADIUS protocol Uses User Datagram Protocol (UDP) messages. UDP port 1812 is used for RADIUS authentication messages and UDP port 1813 is used for RADIUS accounting messages).
Download radl
Overview of the Radl user interface.
Radl Setup
The Server has default setting that are define
by the Radius RFC. You can change it by calling the setup dialog box.
The configuration can be made directly here or
by changing the Windows services files (Windows/System32/Etc).
The log message of the console can be redirected
to a Syslog Server, either a Unix Standard Syslog server or our Syslog
Collector Windows software or simply to the syslog server provided
with our LoriotPro
software.
You can define the list of clients, hosts that
can use the radius server, and their authentication key from the
Setup menu Client option. 
Next you can set the user list from the Setup menu Users
option. This file contains security and configuration information for
each user. The first field is the user's name and can be up to
8 characters in length. This is followed (on the same line) with
the list of authentication requirements for that user. This can
include password, comm server name, comm server port number, and
an expiration date of the user's password. When an authentication
request is receive from the comm server, these values are tested.
A special user named "DEFAULT" can be created (and should
be placed at the end of the user file) to specify what to do with
users not contained in the user file. A special password of "UNIX" can
be specified to notify the authentication server to use UNIX password
(/etc/passwd) authentication for this user.
Indented (with the tab character) lines following
the first line indicate the configuration values to be passed back
to the
comm server to allow the initiation of a user session. This can include things like the PPP configuration values or the
host to log the user onto.
Example of user entry with proprietary Cisco keywords.
john LPassword = "s",
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-Address = 172.16.3.33,
Framed-Netmask = 255.255.255.0,
Framed-Routing = Broadcast-Listen,
Framed-Filter-Id = "std.ppp",
Framed-MTU = 1500,
Framed-Compression = Van-Jacobsen-TCP-IP,
cisco-avpair = "ip:addr-pool=first",
cisco-avpair = "ip:rte_fltr_in*12 igrp 109",
cisco-avpair = "ipx:outacl=812",
When you have set the users you can check in the
log screen the radius request and service messages..
*** End of documentation ***
|
