Topic: RADIUS for beginners

[KeeWee]

OK, it has me beat.  I'm no Linux expert and only installed SME Server because it claims you don't have to be to use it, but SME's implementation of RADIUS has me beat.

I know radiusd is running but I can't add anything to the raddb clients.conf file because it tells me not to because (I assume) it's configured by an e-smith template.  So how do I add clients and secrets to radius?  There's nothing on the Admin web-page, nothing in the manual, I haven't even found anything on Google.

[stephen noble]

if there isn't a panel interface there may be a db command interface

run
slocate clients.conf

look in the relevant files for clues

and check the devguide for specifics of templates, and events
http://ftp.surfnet.nl/ftp/pub/os/Linux/distr/smeserver/contribs/gordonr/devguide/html/c610.htm

[slords]

What exactly are you attempting to do.  How are you wanting to use the radius server?

[KeeWee]

What exactly are you attempting to do.  How are you wanting to use the radius server?

I'm doing my best to run a small - 8 subscriber - community-owned, non-profit wireless network bringing tolerable internet to a very remote community in New Zealand because our only alternative is dialup that can only manage 2.5kbps downhill with the wind behind it and falls over every ten minutes.  I'm actually a marine farmer but have occasionally toyed with Linux, which makes me the local IT expert.

SME Server in server and gateway mode has everything I need for our Internet gateway and in comprehensible form except RADIUS AAA.  I need to run RADIUS to secure the network, I need accounting because the Trust merely buys a single Internet plan from the ISP we connect to and hits us with excess charges if the Trust exceeds its plan so we have to watch what subscribers use and can recover excess MB charges from the guy who went over his ration and it would be damn useful if our subscribers could monitor their own usage so I don't have to check it daily and ring them up.

We're using Mikrotik wireless routers which have RADIUS and some AAA built in but it's designed for hot-spot use and doesn't meet our needs.  I'm looking at a commercial program called Radius-manager from DMSoftlab which offers the functionality I want but I've a feeling it won't work with SME because of SME's non-standard RADIUS and MySQL implementations.

So it seems to me I've the options of:

1.  Trying to get Radius-Manager to work with SME - probably way beyond my abilities as I can't even Administer SME's own Radius,

2.  Abandon Radius-Manager and do make the best of SME + RADIUS + MySQL ,

3.  Abandon SME, which is otherwise excellent for my purposes, for a disto that will play with Radius-Manager but will mean I'll have to set up firewalls, web and mail-servers, &tc for a gateway server from scratch.

[slords]

Does this help at all:

http://forums.contribs.org/index.php?topic=30736.msg128980#msg128980

[KeeWee]

Does this help at all:

http://forums.contribs.org/index.php?topic=30736.msg128980#msg128980

Yes quite a lot, thank you, in that (while I've still to work through it) it looks like it tells me how to get RADIUS working with SME.

But I note the query re dialupadmin wasn't answered and I'd guess that both dialupadmin and a package like Radius-Manager will not work with SME because they will both directly address the raddb configuration files which are re-written by e-smith templates on every signal-event (?).

As I'm nothing like skilled enough to develop SME packages I guess that, very reluctantly, I'm going to have to give up on SME, as firewalling can be done by the gateway wireless router and we can get web and mail-hosting elsewhere but RADIUS and accounting are vital and inescapable.  Even if FreeRadius could be made freestanding under CentOS it still needs to address MySQL which is (unavoidably?) part of SME and run by templates.

Please tell me I'm wrong, and why.