Re: [squid-users] Squid authentication with radius server

Hi,

        please keep repliese CC'd to the mailing list.

Abbas Salehi wrote:
> I'm doing this ,but i have some problem,
> 1- shall i config the radius server to work with squid,
You will need to tell the RADIUS server about the machine squid is
running on.

> 3-what is the secret key,i should set the secret key in both of them,radius
> and radius_auth.conf
You will need to select a 'secret' and configure squid_radius_auth with
the secret and your RADIUS server with the secret against the IP address
of the machine squid is running on.

> 2-how we can debug squid that work properly with this module
Check the log files, run a tcpdump or use ethereal - they should both
tell you what traffic is being generated and you should see whether the
request was successful or not.

                                Neil.

> Regards
> Abbas Salehi
> ----- Original Message -----
> From: "Neil A. Hillard" <hillardn@whl.co.uk>
> To: "Abbas Salehi" <abbas@isiran.ir>
> Cc: <squid-users@squid-cache.org>
> Sent: Tuesday, July 12, 2005 12:21 PM
> Subject: Re: [squid-users] Squid authentication with radius server
>
>
>
>>Hi,
>>
>>Abbas Salehi wrote:
>>
>>>Can anyone help me
>>>
>>>How we can config squid to authenticate with radius server,
>>>The radius server is out of this server and it's separately Server,what
>>>module should be used for authe program,if you have any guidance or any
>>>external software ,could you please help me,
>>
>>I've had RADIUS authentication working in the past, it's relatively
>>easy, you just need to compile up squid_radius_auth.
>>
>>This was done using squid_radius_auth-106.tgz, it looks like 1.07 is out
>>now, available at:
>>
>>
>
> http://www.squid-cache.org/contrib/squid_radius_auth/squid_radius_auth-1.07.tgz
>
>>
>>squid.conf contains:
>>
>>auth_param basic program /usr/local/squid25/libexec/squid_rad_auth
>>auth_param basic children 5
>>auth_param basic realm Restricted Access
>>auth_param basic credentialsttl 1 hours
>>
>>
>>/usr/local/squid25/etc/squid_rad_auth.conf contains:
>>
>>server 192.168.1.1
>>secret sharedsecret
>>
>>
>>With 1.06 I had to change a hardcoded path in conf.h - SQUID_RAD_CONF
>>for the location of the configuration file - you may have to do this for
>>1.07, I'm not sure though.
>>
>>Combine the with the usual squid ACLs and you should be OK.
>>
>>HTH,
>>
>>
>>Neil.
>>
>>--
>>Neil Hillard hillardn@whl.co.uk
>>Westland Helicopters Ltd. http://www.whl.co.uk/
>>
>>Disclaimer: This message does not necessarily reflect the
>> views of Westland Helicopters Ltd.
>>

-- 
Neil Hillard                    hillardn@whl.co.uk
Westland Helicopters Ltd.       http://www.whl.co.uk/
Disclaimer: This message does not necessarily reflect the
             views of Westland Helicopters Ltd.