[ Date Index ][
Thread Index ]
[ <= Previous by date / thread ] [ Next by date / thread => ]
> On Wed, Apr 16, 2003 at 11:20:40AM +0100, Pete Hatton wrote: > > Hmm thats the packages, how about conifiguring it? Now thats the HARD bit > > :) (So I've been told) > > I heard Radius is so popular because it made things easy. > > Anyway, again debian wins with dpkg-reconfigure I doubt it, it certainly couldn't handle this scenario. The radius server in question, had to be set up on a IPV6 network and connected to the IPV4 network via a SSH2 tunnel, using SSH2 DSA public-private keys. Then on the gateway, the VPN freeswan server had to connect back to the raduius server to get back to the IPV6 network. The we had to get a apache server to connect to the Radius server, via another SSH tunnel, with a squid proxy in the way. A quick fiddle with the iptables setuip on both the squid proxy server, and the raduius server soon sorted that, once we realised we needs a 2048 bit DSA public-private keyset to connect up the SSH tunnel. Once the apache config was working, the radius server needed a mysql server installed to handle the SOAP XML-RPC requests coming from the apache server via https over a SSL 128 bit connection. We still have a few minor problesm withe certificates, but thats due to the old 40bit browsers out there. Next on the list to configure - the arp server, or do we get the RIP server working next? Pete Hatton --------------------------------- E-mail: pete@xxxxxxxxxxxxx Webpage: http://www.monolight.org --------------------------------- Conquering Russia should be done steppe by steppe. -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe.