Owner's Manual

ManualsBrandsNetgear ManualsHubsNetgear XCM8806

491

492

493

494

495

496

497

498

499

500

Chapter 17. Security | 495

NETGEAR 8800 User Manual

attributetype

( 1.3.6.1.4.1.3317.4.3.1.61

NAME 'radiusNetgearSecurityProfile'

DESC ''

EQUALITY caseIgnoreIA5Match

SYNTAX 1.3.6.1.4.1.1466.115.121.1.26

)

attributetype

( 1.3.6.1.4.1.3317.4.3.1.62

NAME 'radiusNetgearNetloginVlanTag'

DESC ''

EQUALITY caseIgnoreIA5Match

SYNTAX 1.3.6.1.4.1.1466.115.121.1.26

)

attributetype

( 1.3.6.1.4.1.3317.4.3.1.63

NAME 'radiusNetgearNetloginExtendedVlan'

DESC ''

EQUALITY caseIgnoreIA5Match

SYNTAX 1.3.6.1.4.1.1466.115.121.1.26

)

Configuring the Authentication Method for Supplicants

The authentication method is configured in /etc/raddb/eap.conf. The authentication method

used by FreeRADIUS is the PEAP (Protected EAP) method. To activate PEAP, a TLS tunnel

is required to encrypt communication between supplicant and RADIUS server. This means

that server certificates are required.

To configure the authentication method, use the following commands:

peap {

default_eap_type = mschapv2

}

tls {

private_key_password = whatever

private_key_file = ${raddbdir}/certs/cert-srv.pem

certificate_file = ${raddbdir}/certs/cert-srv.pem

CA_file = ${raddbdir}/certs/demoCA/cacert.pem

dh_file = ${raddbdir}/certs/dh

random_file = ${raddbdir}/certs/random

fragment_size = 1024

include_length = yes

}

Starting the FreeRADIUS Server

To start RADIUS in the foreground with debugging enabled, use the following command:

radiusd -X -f