EFW Support
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email?
Friday 01 November 2024, 08:37:39 pm
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
The Latest Endian Firewall is now available for download
HERE
14248
Posts in
4376
Topics by
6515
Members
Latest Member:
hulteends
Search:
Advanced search
EFW Support
Support
EFW SMTP, HTTP, SIP, FTP Proxy Support
Endian Proxy with RADIUS Server
0 Members and 1 Guest are viewing this topic.
« previous
next »
Pages:
[
1
]
Author
Topic: Endian Proxy with RADIUS Server (Read 23729 times)
uaccalogo
Jr. Member
Offline
Posts: 8
Endian Proxy with RADIUS Server
«
on:
Thursday 27 February 2014, 11:53:17 am »
Has anyone ever configured the proxy service with Endian authentication with RADIUS server?
I'm trying to set it up but with no good results.
Any help is very much appreciated !!
Regards.
Ennio
Logged
dda
Sr. Member
Offline
Posts: 227
Re: Endian Proxy with RADIUS Server
«
Reply #1 on:
Friday 28 February 2014, 01:49:16 am »
Let me know if you get it done, I actually gave up and went with LDAP but I would like to get Radius working.
Logged
kikilinux
Full Member
Offline
Posts: 47
Re: Endian Proxy with RADIUS Server
«
Reply #2 on:
Sunday 02 March 2014, 09:08:03 pm »
me too
if anybody can configure radius please don't forget me.
best
Logged
uaccalogo
Jr. Member
Offline
Posts: 8
Re: Endian Proxy with RADIUS Server
«
Reply #3 on:
Tuesday 04 March 2014, 01:58:45 am »
After spending some nights, i found a solution for use Endian proxy with radius authentication.
I manually modify the file "/etc/squid/squid.conf.tmpl" adding two missing variables that identify radius users query, and another one that authorized this users as follow.
#end if
#if $AUTH_METHOD == "radius"
auth_param basic program ${LIB_EXEC_DIR}/basic_radius_auth -h ${RADIUS_SERVER} -p ${RADIUS_PORT}#if $RADIUS_IDENTIFIER != "" then " -i " + $RADIUS_IDENTIFIER else ""# -w ${RADIUS_SECRET}
auth_param basic children ${AUTH_CHILDREN}
auth_param basic realm ${AUTH_REALM}
auth_param basic credentialsttl ${AUTH_CACHE_TTL} minutes
#if $AUTH_IPCACHE_TTL != "0"
authenticate_ip_ttl ${AUTH_IPCACHE_TTL} minutes
#end if
#for $rule in $RULES
#if $rule.auth == 'user'
acl ${rule.for_} proxy_auth REQUIRED
#elif $rule.auth == "group"
acl ${rule.for_} proxy_auth REQUIRED
#end if
#end for
# MODIFIED BY ME - START
acl for_inet_users proxy_auth REQUIRED
# MODIFIED BY ME - STOP
Go ahead and identify this part:
# http access to squid
## local machine has no restrictions
http_access allow from_localhost
## GUI admin if local machine connects
http_access allow from_green to_green_interface to_http_port
http_access allow from_green to_green_interface to_https_port
http_access allow CONNECT from_green to_green_interface to_https_port
# MODIFIED BY ME - START
http_access allow for_inet_users
# MODIFIED BY ME - STOP
Save the file.
Now go into Proxy option end under authentication select "RADIUS"; rember to fill out REALM name authentication with the FQDN name of your domain.
Put your radius IP address, port, identifier and secret code.
Save.
Create rules into NAP server (I use Windows 2008 Server).
And all works for me.
Ennio
Logged
dda
Sr. Member
Offline
Posts: 227
Re: Endian Proxy with RADIUS Server
«
Reply #4 on:
Tuesday 04 March 2014, 08:15:25 am »
is inet_users the name of a group on your network or is it a term that originates in Endian?
Logged
uaccalogo
Jr. Member
Offline
Posts: 8
Re: Endian Proxy with RADIUS Server
«
Reply #5 on:
Tuesday 04 March 2014, 09:07:35 am »
It's a "variabile" originated by Endian.
Logged
dda
Sr. Member
Offline
Posts: 227
Re: Endian Proxy with RADIUS Server
«
Reply #6 on:
Tuesday 04 March 2014, 09:39:44 am »
Ok thanks will try it out in a days. What do you use for your Radius server?
Logged
dda
Sr. Member
Offline
Posts: 227
Re: Endian Proxy with RADIUS Server
«
Reply #7 on:
Tuesday 11 March 2014, 08:03:13 am »
ok it appears this stopped the proxy from working even though I am running ldap so not recommended unless you are actually running radius
Logged
Pages:
[
1
]
« previous
next »
Jump to:
Please select a destination:
-----------------------------
Announcements
-----------------------------
=> Project News
=> Latest News and Updates
-----------------------------
Support
-----------------------------
=> General Support
=> Installation Support
=> EFW SMTP, HTTP, SIP, FTP Proxy Support
=> VPN Support
=> Hardware Support
-----------------------------
Development
-----------------------------
=> EFW Wishlist
=> Contribute Your Customisations & Modifications
Page created in 0.156 seconds with 18 queries.
Powered by SMF 1.1 RC2
|
SMF © 2001-2005, Lewis Media
Design by
7dana.com