Mini PPPoE Server Howto for RedHat 7.3 + Radius Auth

This is here only for historical purposes. The information contained is well and truly out of date, but could be handy for reference purposes.

Date: 25-Oct-2002

1. Install RH 7.3 Installing as a server system works. These instructions should be the same for RedHat 7.2 as well.

2. Set and IP address on the primary NIC to say 10.0.0.1. This is the card that is visible to the internet.

3. Install the updated rp-pppoe from Roaring Penguin http://www.roaringpenguin.com/pppoe/. This was version rp-pppoe-3.5-1 as
of this writing.

4. Download the latest pppd via cvs from samba currentl its 2.4.2b1 as of this writing. I use rsync. Make a dir called
ppp2.4 and then issue the command

rsync -vrz ppp.samba.org::ftp/unpacked/ppp/ ./ppp2.4/

to download the source. You dont really need the -v in the rsync command, but that echos what its doing to the screen so
you can see whats happening.

5. Change to the ppp2.4 directory and then

./configure

make

make install

6. Edit /etc/radiusclient/radiusclient.conf. Set the primary and secondary authentication and accounting servers and hosts.
Watch that your using the right port numbers. If you have an old radius server it is probably using ports 1645/1646.

7. Edit /etc/radiusclient/servers and set the secret password and the hostname of the radius servers your going to
authenticate against.

8. Edit /etc/sysctl.conf and change the line net.ipv4.ip_forward = from 0 to one(1). This makes the system turn on routing
at boot up.

9. Edit /etc/ppp/pppoe-server-options and add proxyarp to the end of the file on its own line. Also add ms-dns {dns ip
addresses} after the lcp-echo-failure lines.

10. Edit /etc/sysconfig/network-scripts/ifcfg-eth1 and change the ONBOOT=no to yes and remove the dhcp from the BOOTPROTO= if
its there.

11. Start the pppoe-server. You will probably need to pass some parameters to it. They will most likely be -I eth1 -L {localip} and -R
{remoteippool}. So you will end up with something like /usr/sbin/pppoe-server -I eth1 -L 10.0.0.1 -R 10.0.0.150. This tells the server
to start serving out IP's to the clients starting at .150. Set the -L IP to the local IP of eth0. When your happy with the
startup parameters you will want to add this same line to /etc/rc.d/rc.local so that the server restarts after a reboot of
the server.

12. You should now be able to test the system. Try adding a user to the system as a user and then add the user to the
/etc/ppp/pap-secrets file. (this assumes you use a user called test with a password of test)

:adding a user:

adduser test

passwd test

:pap-secrets file:

"test" * "test"

13. Now tail -f /var/log/message on the linux system and try to connect to the server with a PPPoE client. If you've got it
right, you will be able to establish a connection.

14. Now add the line plugin radius.so to the file /etc/ppp/pppoe-server-options just before proxyarp.

15. Now test the logging on again with a valid radius user.

16. Congratulations your finished!!!

pppoe-server-options file looks like this:

# PPP options for the PPPoE server

# LIC: GPL

require-pap

login

lcp-echo-interval 10

lcp-echo-failure 2

ms-dns 10.0.0.5

ms-dns 10.0.0.6

plugin radius.so

proxyarp

1793 Total Views 2 Views Today

Leave a Reply

Your email address will not be published. Required fields are marked *

17 − 11 =