Title: Endian Proxy with RADIUS Server Post by: uaccalogo on Thursday 27 February 2014, 11:53:17 am Has anyone ever configured the proxy service with Endian authentication with RADIUS server? I'm trying to set it up but with no good results. Any help is very much appreciated !! Regards. Ennio Title: Re: Endian Proxy with RADIUS Server Post by: dda on Friday 28 February 2014, 01:49:16 am Let me know if you get it done, I actually gave up and went with LDAP but I would like to get Radius working.
Title: Re: Endian Proxy with RADIUS Server Post by: kikilinux on Sunday 02 March 2014, 09:08:03 pm me too
if anybody can configure radius please don't forget me. best Title: Re: Endian Proxy with RADIUS Server Post by: uaccalogo on Tuesday 04 March 2014, 01:58:45 am After spending some nights, i found a solution for use Endian proxy with radius authentication.
I manually modify the file "/etc/squid/squid.conf.tmpl" adding two missing variables that identify radius users query, and another one that authorized this users as follow. #end if #if $AUTH_METHOD == "radius" auth_param basic program ${LIB_EXEC_DIR}/basic_radius_auth -h ${RADIUS_SERVER} -p ${RADIUS_PORT}#if $RADIUS_IDENTIFIER != "" then " -i " + $RADIUS_IDENTIFIER else ""# -w ${RADIUS_SECRET} auth_param basic children ${AUTH_CHILDREN} auth_param basic realm ${AUTH_REALM} auth_param basic credentialsttl ${AUTH_CACHE_TTL} minutes #if $AUTH_IPCACHE_TTL != "0" authenticate_ip_ttl ${AUTH_IPCACHE_TTL} minutes #end if #for $rule in $RULES #if $rule.auth == 'user' acl ${rule.for_} proxy_auth REQUIRED #elif $rule.auth == "group" acl ${rule.for_} proxy_auth REQUIRED #end if #end for # MODIFIED BY ME - START acl for_inet_users proxy_auth REQUIRED # MODIFIED BY ME - STOP Go ahead and identify this part: # http access to squid ## local machine has no restrictions http_access allow from_localhost ## GUI admin if local machine connects http_access allow from_green to_green_interface to_http_port http_access allow from_green to_green_interface to_https_port http_access allow CONNECT from_green to_green_interface to_https_port # MODIFIED BY ME - START http_access allow for_inet_users # MODIFIED BY ME - STOP Save the file. Now go into Proxy option end under authentication select "RADIUS"; rember to fill out REALM name authentication with the FQDN name of your domain. Put your radius IP address, port, identifier and secret code. Save. Create rules into NAP server (I use Windows 2008 Server). And all works for me. Ennio Title: Re: Endian Proxy with RADIUS Server Post by: dda on Tuesday 04 March 2014, 08:15:25 am is inet_users the name of a group on your network or is it a term that originates in Endian?
Title: Re: Endian Proxy with RADIUS Server Post by: uaccalogo on Tuesday 04 March 2014, 09:07:35 am It's a "variabile" originated by Endian.
Title: Re: Endian Proxy with RADIUS Server Post by: dda on Tuesday 04 March 2014, 09:39:44 am Ok thanks will try it out in a days. What do you use for your Radius server?
Title: Re: Endian Proxy with RADIUS Server Post by: dda on Tuesday 11 March 2014, 08:03:13 am ok it appears this stopped the proxy from working even though I am running ldap so not recommended unless you are actually running radius
|