Auto-configuration
|
|
devolo dLAN 200 DSpro Manual
|
70
Optionally, the RADIUS server can also supply the client with the following infor-
mation:
쎲
Type of firmware: MV, LV or EU. Attribute DS2-fw.
N
OTE
:
This optional information will not be used if the parameter
PROFILE_FWTYPE is defined in the profile associated with the new user. It is
recommended to use the PROFILE_FWTYPE parameter and to not include this
information in the RADIUS response.
The first point is decided by the RADIUS standard procedures depending on the
User name
and
NAS-Identifier
attributes sent by the client. The last two are
vendor-specific attributes (from DS2) and are defined in a new RADIUS dictio-
nary file, dictionary.ds2, that must be included in the RADIUS server (dictionary
file in the Linux RADIUS server):
$INCLUDE dictionary.ds2
All possible clients must then be defined in the clients.conf file of the RADIUS
server. A set of clients in the same sub-network can be included in the same
declaration:
client 10.10.1.0/8 {
secret = test
shortname = private-network-2
}
To only use a specific RADIUS client (master), then write its IP address (without
netmask):
client 10.10.1.15 {
secret = test
shortname = private-network-2
}
The secret password must be the same as the one configured inside the auto-
configuration file of the Wisconsin nodes.
Finally, the file users must contain all the MAC addresses to be authenticated
with their corresponding attributes, including the USER-PASSWORD with the
value “ANONYMOUS”. The file users also gives the possibility to force the NAS-
Identifier. If the NAS-Identifier is defined, the user will be authenticated
only
if
the client that requested (the master) is the one configured in the file. Otherwise,
the user will be rejected:
Содержание dLAN 200 DSpro
Страница 1: ...dLAN 200 DSpro Manual...
