Line 289: |
Line 289: |
| | | |
| ==Radius authentication== | | ==Radius authentication== |
− | First set the Radius server credentials (thus the info of SME Server itself)
| + | A custom template fragment is required. Create the template fragment first: |
| + | |
| + | |
| + | mkdir -p /etc/e-smith/templates-custom/etc/raddb/users/ |
| + | nano -w /etc/e-smith/templates-custom/etc/raddb/users/40ldap |
| + | and enter the following content and save: |
| + | DEFAULT Auth-Type := LDAP |
| + | and expand the template fragment |
| + | expand-template /etc/raddb/users |
| + | and restart the radius service: |
| + | service radiusd restart |
| + | |
| + | Then one must set the Radius server credentials in the Softether VPN server manager (thus the info of SME Server itself) |
| host: localhost or 127.0.0.1 | | host: localhost or 127.0.0.1 |
| UDP port 1812 | | UDP port 1812 |
Line 296: |
Line 308: |
| [[Image:softether_radius.png|600px]] | | [[Image:softether_radius.png|600px]] |
| | | |
− | Secondly create a 'passthrough user' with the username of '*', set Auth Type to Radius and enable security policy. The default policy enables allows all SME Server users.
| + | The create a 'passthrough user' with the username of '*', set Auth Type to Radius and enable security policy. The default policy enables allows all SME Server users. |
| | | |
| If you previously created SME Server users manually, you can delete these so there is ONLY one user called '*' | | If you previously created SME Server users manually, you can delete these so there is ONLY one user called '*' |