Category:Cisco Systems -> Routing and Switching
Basic RADIUS server configuration on Cisco router for PPPoE authentication:
aaa new-model
!
!
aaa group server radius PPPoE
server 192.168.1.77 auth-port 1812 acct-port 1813
!
aaa authentication login default local
aaa authentication ppp default group radius
aaa authorization console
aaa authorization exec default local
aaa authorization network default group radius
aaa accounting delay-start
aaa accounting update periodic 5
aaa accounting network default start-stop group radius
!
aaa session-id common
!
...
!
bba-group pppoe PPPoE
virtual-template 1
sessions per-mac limit 1
sessions auto cleanup
!
...
!
interface FastEthernet0/1
no ip address
ip route-cache policy // Enable fast-switching policy cache for outgoing packets
duplex auto
speed auto
pppoe enable group PPPoE
!
interface Virtual-Template1
mtu 1492
autodetect encapsulation ppp
no peer default ip address
ppp authentication chap
!
ip local pool pppoepool 10.10.10.1 10.10.10.200
!
ip radius source-interface Loopback0 // This IP address will be the source IP address while communicating with RADIUS server
!
radius-server attribute nas-port format d
radius-server dead-criteria time 5
radius-server configure-nas
radius-server host 192.168.1.77 auth-port 1812 acct-port 1813 key SECRETKEY
radius-server vsa send authentication
Hint:
interface FastEthernet0/1
no ip address
ip route-cache policy
duplex auto
speed auto
!
vlan-range dot1q 100 150 // If you want to use the interface to terminate VLANs 100-150 over 802.1q (trunk)
pppoe enable
exit-vlan-config
!
pppoe enable group PPPoE
exit-vlan-config
FreeRADIUS + MySQL + Apache + daloRADIUS
Preview:
**********************************************
** Restricted access! For private use only! **
**********************************************
Evil_TTL> enable
Password: