Radius auth. on squid

From: Danny Kruitbosch <Danny.Kruitbosch@dont-contact.us>
Date: Tue, 28 Dec 1999 13:32:08 +0100

Kamal,

We're running our squid proxy on solaris 7. For radius authentication with
squid you need an external authentication program. We've used the RADIUS
authenticator from Marc van Selm. It is available via the SQUID website (in
the software section). The source should compile with no errors. There are
also some patches for RedHat linux. Be sure to read the README in the source
distribution.
You also need the dictionary files from the cistron radius server. These can
be found on Marc van Selm homepage. The dictionary files must be in the
/etc/raddb directory of your proxy server. With the dictionary files the
authenticator interprets the answer from the radius server. Although this is
not documented you REALLY need this.

You can test the program from the command line. When you enter a
username/password the program should only return an OK (=succesfull auth) or
ERR. If it also returns a list of RADIUS attributes then you have to hack
the source and compile again. I've not yet posted my hack, since I need to
clean up the hacked source. But basicly all we did is prevented the program
from printing the extra attributes. SQUID only expects the program (or any
external authentication program for that matter) to return OK or ERR.

For configuring SQUID to use the program see the squid.conf file. It's
fairly straight forward.

If you need more help on this, mail me.

Best regards

Danny Kruitbosch

-----Original Message-----
From: chkamal [mailto:chkamal@nettlinx.com]
Sent: dinsdag 28 december 1999 17:38
To: Danny Kruitbosch
Subject: Re: Different types of authentication

hello
my name is kamal
pls help me in radius authentication .and can pls help me in config details
how to proceed .so that i try to implement this .Presently i am using merit
radius with "authentication.it is on solaris. i want to p[ort it on to linux
with squid.pls help me

waiting for reply
kamal

Danny Kruitbosch wrote:

> Hi,

]

>
>
> Im running SQUID 2.2S5 with radius authentication. Works great (finally)!
>
> Now I'm wondering if you can do different types of authentication for
> differnent groups/subnets. So, for instance, RADIUS for one and SMB for
> another.
>
> Any comments on this would be great!
>
> Thanks!
>
> Danny Kruitbosch
>
> the Netherlands
Received on Tue Dec 28 1999 - 05:41:40 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:50:07 MST