Filter
Top Products
Setting Up A RADIUS Server 657
2 Update the dictionary for Switch login
a In
/usr/local/etc/raddb create a new file called dictionary.3Com
containing the following information:
VENDOR 3Com 43
ATTRIBUTE 3Com-User-Access-Level 1 Integer 3Com
VALUE 3Com-User-Access-Level Monitor 1
VALUE 3Com-User-Access-Level Manager 2
VALUE 3Com-User-Access-Level Administrator 3
b Edit the existing file dictionary in /usr/local/etc/raddb to add the
following line:
$INCLUDE dictionary.3Com
The new file dictionary.3Com will be used in configuring the FreeRADIUS
server
3 Locate the existing file
users in /usr/local/etc/raddb and for each user
authorized to administer the Switch 5500:
a Add an entry for Switch Login. For example
user-name Auth-Type = System, 3Com-User-Access-Level =
Administrator
This indicates that the server should return the 3Com vendor specific attribute
3Com-User-Access-Level in the Access-Accept message for that user.
b Add an entry for Network Login. For example
user-name Auth-Type := Local, User-Password == "password"
4 Run the FreeRADIUS server with radiusd, to turn on debugging. so you can see
any problems that may occur with the authentication:
cd /usr/local/sbin
./radiusd -sfxxyz -l stdout
Setting Up Auto VLAN and QOS using FreeRADIUS
It is slightly more complex to set up auto VLAN and QoS using FreeRADIUS, as the
dictionary file needs to be specially updated.
1 Update the
dictionary.tunnel file with the following lines:
ATTRIBUTE Tunnel-Type 64 integerhas_tag
ATTRIBUTE Tunnel-Medium-Type 65 integerhas_tag
ATTRIBUTE Tunnel-Private-Group-Id 81 stringhas_tag
VALUE Tunnel-Type VLAN 13
VALUE Tunnel-Medium-Type TMT802 6
2 Locate the file users in /usr/local/etc/raddb and add the return list attributes
to the user. For example:
bob Auth-Type := Local, User-Password == "bob"
Tunnel-Medium-Type = TMT802,
Tunnel-Private-Group-Id = 2,
Tunnel-Type = VLAN,
Filter-Id = "profile=student"