МПД версии 3.13 Фря 4.8
даю конфиги МПД и Ядра:
machine i386
cpu I686_CPU
ident RADIO
maxusers 0
options INET
options FFS
options FFS_ROOT
options SOFTUPDATES
options UFS_DIRHASH
options PROCFS
options COMPAT_43
options UCONSOLE
options USERCONFIG
options VISUAL_USERCONFIG
options KTRACE
options SYSVSHM
options SYSVMSG
options SYSVSEM
options P1003_1B
options _KPOSIX_PRIORITY_SCHEDULING
options KBD_INSTALL_CDEV
options USER_LDT
options IPFILTER
options IPFILTER_LOG
options IPFIREWALL
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=200
options IPDIVERT
options DUMMYNET
options TCPDEBUG
options ICMP_BANDLIM
options RANDOM_IP_ID
options DEVICE_POLLING
options SUIDDIR
options TCP_DROP_SYNFIN
device isa
device pci
device ata0 at isa? port IO_WD1 irq 14
device ata1 at isa? port IO_WD2 irq 15
device ata
device atadisk # ATA disk drives
device atapicd # ATAPI CDROM drives
options ATA_STATIC_ID #Static device numbering
device atkbdc0 at isa? port IO_KBD
device atkbd0 at atkbdc? irq 1 flags 0x1
device psm0 at atkbdc? irq 12
device vga0 at isa?
pseudo-device splash
device sc0 at isa? flags 0x100
device npx0 at nexus? port IO_NPX irq 13
device apm0 at nexus? disable flags 0x20 # Advanced Power Management
device card
device pcic0 at isa? irq 0 port 0x3e0 iomem 0xd0000
device miibus # MII bus support
device rl # RealTek 8129/8139
device wi
device pcm0
pseudo-device loop # Network loopback
pseudo-device ether # Ethernet support
pseudo-device ppp 4 # Kernel PPP
pseudo-device tun 4 # Packet tunnel.
pseudo-device pty # Pseudo-ttys (telnet etc)
pseudo-device bpf #Berkeley packet filter
pseudo-device snp
МПД.конф:
radius:
set radius config /etc/radius.conf
set radius retries 3
set radius timeout 3
set radius server localhost testing123 1812 1813
set ipcp enable radius-ip
set bundle enable radius-auth
set bundle yes radius-acct
set iface enable radius-idle radius-mtu
set ccp enable radius
pptp_standart:
set iface disable on-demand
set bundle disable multilink
set link yes acfcomp protocomp
set link no pap chap
set link enable chap
set link keep-alive 60 180
load radius
set ipcp yes vjcomp
set ipcp dns 192.168.1.1
set ipcp nbns 192.168.1.78
set iface enable proxy-arp
set bundle enable compression
set ccp yes mppc
set ccp yes mpp-e40
set ccp yes mpp-e128
set ccp yes mpp-stateless
set bundle yes crypt-reqd
set pptp self 194.44.207.106
set pptp enable incoming
set pptp disable originate
pptp0:
new -i ng0 pptp0 pptp0
set ipcp ranges 192.168.11.193/32 192.168.12.100/32
load pptp_standart
pptp1:
new -i ng1 pptp1 pptp1
set ipcp ranges 192.168.11.193/32 192.168.12.101/32
load pptp_standart
pptp2:
new -i ng2 pptp2 pptp2
set ipcp ranges 192.168.11.193/32 192.168.12.102/32
load pptp_standart
pptp3:
new -i ng3 pptp3 pptp3
set ipcp ranges 192.168.11.193/32 192.168.12.103/32
load pptp_standart
pptp4:
new -i ng4 pptp4 pptp4
set ipcp ranges 192.168.11.193/32 192.168.12.104/32
load pptp_standart
pptp5:
new -i ng5 pptp5 pptp5
set ipcp ranges 192.168.11.193/32 192.168.12.105/32
load pptp_standart
pptp6:
new -i ng6 pptp6 pptp6
set ipcp ranges 192.168.11.193/32 192.168.12.106/32
load pptp_standart
default:
load pptp0
load pptp1
load pptp2
load pptp3
load pptp4
load pptp5
load pptp6
Радиус.конф:
prefix = /usr/local
exec_prefix = /usr/local
sysconfdir = /usr/local/etc
localstatedir = /var
sbindir = /usr/local/sbin
logdir = /var/log
raddbdir = /usr/local/etc/raddb
radacctdir = /var/log/radacct
confdir = /usr/local/etc/raddb
run_dir = /var/run/radiusd
log_file = /var/log/radius.log
libdir = /usr/local/lib
pidfile = /var/run/radiusd/radiusd.pid
#user = radius
#group = radius
max_request_time = 30
delete_blocked_requests = no
cleanup_delay = 5
max_requests = 1024
bind_address = *
port = 1812
hostname_lookups = no
allow_core_dumps = no
regular_expressions = yes
extended_expressions = yes
log_stripped_names = yes
log_auth = yes
log_auth_badpass = yes
log_auth_goodpass = yes
usercollide = no
lower_user = before
lower_pass = no
nospace_user = before
nospace_pass = no
checkrad = ${sbindir}/checkrad
security {
max_attributes = 200
reject_delay = 1
status_server = no
}
proxy_requests = no
$INCLUDE ${confdir}/clients.conf
thread pool {
start_servers = 5
max_servers = 32
min_spare_servers = 3
max_spare_servers = 10
max_requests_per_server = 0
}
modules {
mschap {
authtype = MS-CHAP
use_mppe = yes
require_strong = yes
}
# chap {
# authtype = CHAP
# use_mppe = yes
# require_encryption = yes
# }
# pap {
# encryption_scheme = crypt
# }
preprocess {
with_ntdomain_hack = yes
}
detail {
detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d
detailperm = 0600
}
acct_unique {
key = "User-Name, Acct-Session-Id, NAS-IP-Address,
Client-IP-Address, NAS-Port-Id"
}
$INCLUDE ${confdir}/sql.conf
radutmp {
filename = ${logdir}/radutmp
perm = 0600
callerid = "yes"
}
radutmp sradutmp {
filename = ${logdir}/sradutmp
perm = 0644
callerid = "no"
}
counter {
filename = ${raddbdir}/db.counter
key = User-Name
count-attribute = Acct-Session-Time
reset = daily
counter-name = Daily-Session-Time
check-name = Max-Daily-Session
allowed-servicetype = Framed-User
cache-size = 5000
}
# always fail {
# rcode = fail
# }
# always reject {
# rcode = reject
# }
# always ok {
# rcode = ok
# simulcount = 0
# mpp = no
# }
}
authorize {
preprocess
sql
mschap
}
authenticate {
mschap
# chap
# pap
}
preacct {
}
accounting {
# acct_unique
# detail
radutmp
sql
}
session {
radutmp
sql
}
post-auth {
}
Версия радиуса freeradius-0.7
Вариант для распечатки
OpenNET: Виртуальная конференция (Public)
on
23-Июн-03, 13:31 (MSK)
