Changes between Version 58 and Version 59 of WikiStart

Timestamp:

May 16, 2013, 3:35:26 PM (12 years ago)

Author:

walter

Comment:

--

WikiStart

@@ -615 +615 @@
 cp rc.local rc.local.ori
 nano rc.local #put before exit0
-        setterm -blength 0 #kills annoying pc speaker!!!
+        setterm -blength 0 #kills annoying pc speaker after reboot!!!
 
 ## enlarge bash_history
 nano /root/.bashrc
-        export HISTFILESIZE=10000
+        export HISTFILESIZE=10000 #enlarges bash history!
 
 ## update/install packages
 apt-get update
-apt-get install subversion openvpn freeradius isc-dhcp-server syslog-ng
+apt-get install subversion openvpn freeradius isc-dhcp-server syslog-ng vlan tcpdump ipcalc memtest86+
 
 ## backup original config files/folders
@@ -633 +633 @@
 
 ## setup network interfaces
+cp /etc/network/interfaces /etc/network/interfaces.ori
 nano /etc/network/interfaces
 }}}
@@ -682 +683 @@
   shortname = testsecret
 }
-}}}
-
-#example code# /etc/freeradius/radius.conf
+
+# if you are a iP provider for eduroam you also put the surfnet top level proxy here!
+}}}
+
+#example code# /etc/freeradius/radiusd.conf
 {{{
 prefix = /usr
@@ -725 +728 @@
         stripped_names = no
         auth = yes
-        auth_badpass = no
+        auth_badpass = yes
         auth_goodpass = yes
 }
@@ -772 +775 @@
         secret = foutjebedankt
         nostrip
+}
+}}}
+
+#example code# /etc/freeradius/sites-enabled/default
+{{{
+authorize {
+        preprocess
+        chap
+        mschap
+        digest
+        DEFAULT
+        eap {
+                ok = return
+        }
+        files
+        pap
+}
+authenticate {
+        Auth-Type PAP {
+                pap
+        }
+        Auth-Type CHAP {
+                chap
+        }
+        Auth-Type MS-CHAP {
+                mschap
+        }
+        digest
+        unix
+        eap
+        pap
+}
+session {
+        radutmp
+}
+post-auth {
+}
+pre-proxy {
+}
+post-proxy {
+        eap
 }
 }}}
@@ -826 +870 @@
 #/sbin/ifconfig bridge0 addm $1 | exit 0
 }}}
+
+Flag the up.sh script as executable other wise openvpn cannot run!
+{{{
+chmod +x /etc/openvpn/up.sh
+}}}
+
 
 Copy the following server/eduradprox files made on the certnode /etc/openvpn/ to the openvpn server directory.
@@ -1245 +1295 @@
 1/2 openvpn
 geen down.sh script voor server en client?
+testen broadcast AP's onderling onmogelijk?
+Filteren / dhcp bdup/stp requests
+DHCP range for ubnt AP's fixen 
 
 Veiligheid aspect, VLAN/ radius authenticatie over zelfde tunnels als de clients... isolation tussen openvpn clients de AP's zelf is actief maar isolate van de wireless users op de client nog teste? 
+
+AIROS cli fw update
+/tmp/fwupdate.bin 
+/usr/sbin/fwupdate -m #-d paramter?
+
+AIROS vlan in cfg,
+lan0 1212 managment
+lan0 3131 brigge naar wireless
+bridge0 -remove wlan0
+bridge1 add lan 3131 add wlan0
 
 Proxy
@@ -1261 +1324 @@
 syslog op openwrt aanzetten en testen, werkt?
 syslog op airos aanzetten en testen, werkt?
+
+Radius request lijken te worden gecached gebeurt dat op proxy met freeradius of in het ap met hostap?
+
+V