Tutorial – How to:Install Cistron RADIUS on Linux
ORIGINALLY POSTED BY NOKIA FOR THETAZZONE/TAZFORUM HERE
Do not use, republish, in whole or in part, without the consent of the Author. TheTAZZone policy is that Authors retain the rights to the work they submit and/or post…we do not sell, publish, transmit, or have the right to give permission for such…TheTAZZone merely retains the right to use, retain, and publish submitted work within it’s Network
- Code: Select all
This paper is the work of The Master Jedi Pimpsor AKA thehorse13, who has kindly consented to it being hosted here on the TAZ.
I’ve had some good feedback on my W2K RADIUS doc, so here is another one I wrote for the Linux platform. I personally use this one and love it!
Installing Cistron radius on a Linux platform
1.Download the software from
Download the file : radiusd-cistron-1.6.6.tar.gz
2.From the directory where you downloaded the software, unzip the software with the following command: gunzip radius-cistron-1.6.6*
3.Now you must untar the file with the following command: tar –xvf radius-cistron*
4.This creates a directory radius-cistron-1.6.6. Type cd radius-cistron-1.6.6/src From this directory, type cp Makefile.lnx ./Makefile When prompted cp: overwrite ‘./Makefile’? type y.
6.Type make install
7.Type cd ../redhat From here you need to edit two lines in rc.radiusd-redhat. Type vi rc.radiusd-redhat Use the arrow keys to move the cursor down to the line RADIUSD=/usr/sbin/radiusd. Place the cursor on the s of sbin and hit the i key. This will allow you to insert text. Add local/ and hit the Esc key. Move down to the next line and edit the line RADRELAY. Again, move the cursor on the s of sbin, and hit the i key. Type local/ and hit Esc. To save you changes, type :wq and hit enter. If you make any mistakes, type Esc and then type :q! which allows you to quit without writing any changes to the file.
8.You now need to copy this file to another directory. Type cp ./rc.radiusd-redhat /etc/rc.d/init.d/radiusd
9.Now type cd /etc Type vi inittab In this file there is a line id:x:initdefault where the x is a number representing the default run level of the system. This number tells us which directory to install radius as a service. Remember the number, and type :q to quit.
10.Type cd rc.d/rcx.d where x is the number from the inittab file. In this directory, type ln /etc/rc.d/init.d/radiusd S27radiusd (The first two characters are LN, but they must be lower case.)
11.The configuration files for radius are stored in /etc/raddb There are two files that you need to edit, users and clients. First, edit the clients. This file controls what servers are allowed to attach to the radius server for authentication. There are a couple of default entries already in the file. If you are running the radius server on the vpn server, then keep the client localhost, but change the testing123 to a different key. When you setup the vpn server, make sure you give it the server address localhost, and the new secret key.
12.To add users, edit the users file. To add a user, you need to add the following two lines:
Userid Auth-Type = Local, Password = “password”
Service-Type = Framed-User
13.To start and stop the service, cd /etc/rc.d/rcx.d where x is your run level. Type ./S27radiusd start/stop to start or stop the service. You will need to restart the service after changes are made to the clients or users files in /etc/raddb.
If anyone has interest in setting LDAP on W2K, just send me a message. I had the joy of setting that up about 6 months ago. Like anything else I do, I document the hell out of it.
Hope this helps