Steel-Belted Radius: Difference between revisions
Jump to navigation
Jump to search
m (→Set-up: Minor addition) |
m (→RADIUS Return Attributes: Added table of attributes) |
||
(3 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
== Set-up == | == Server Set-up == | ||
=== Time Synchronisation === | |||
In order for replication to be successful between primary and backup Radius servers, their system clocks need to be roughly in sync (max 10mins disparity). | |||
The host server's NTP config in the registry hive <code>HKLM\SYSTEM\CurrentControlSet\Services\W32Time</code> needs to be updated as follows to enable the server's system clock to update via NTP. Restart the NTP service to apply. | |||
{|cellpadding="4" cellspacing="0" border="1" | {|cellpadding="4" cellspacing="0" border="1" | ||
Line 23: | Line 25: | ||
| Config || MaxNegPhaseCorrection || 5400 | | Config || MaxNegPhaseCorrection || 5400 | ||
|} | |} | ||
== Router Set-up == | |||
== RADIUS Return Attributes == | |||
{|cellpadding="4" cellspacing="0" border="1" | |||
|- style="background-color:#bbddff;" | |||
! Attribute !! Value || Description / Notes | |||
|- | |||
| Service-Type || Framed || | |||
|- | |||
| Framed-Protocol || PPP || | |||
|- | |||
| Framed-IP-Netmask || 255.255.255.255 || | |||
|- | |||
| Framed-IP-Address || 123.123.123.123 || Unique for each client | |||
|- | |||
| MS-CHAP-MPPE-Keys || <none> || | |||
|- | |||
| MS-CHAP-MPPE-Types || 128-Bit || | |||
|- | |||
| MS-MPPE-Recv-Key || <none> || Windows 7 | |||
|- | |||
| MS-MPPE-Send-Key || <none> || Windows 7 | |||
|- | |||
|} | |||
== Support Notes == | |||
=== Replication === |
Latest revision as of 10:08, 12 January 2010
Server Set-up
Time Synchronisation
In order for replication to be successful between primary and backup Radius servers, their system clocks need to be roughly in sync (max 10mins disparity).
The host server's NTP config in the registry hive HKLM\SYSTEM\CurrentControlSet\Services\W32Time
needs to be updated as follows to enable the server's system clock to update via NTP. Restart the NTP service to apply.
Key | Name | Value (notes) |
---|---|---|
Parameters | Type | NTP |
Config | AnnounceFlags | 5 |
TimeProviders\NtpServer | Enabled | 1 |
Parameters | NtpServer | 192.168.206.25,0x1 192.168.206.26,0x1 192.168.206.27,0x1 192.168.206.28,0x1 |
TimeProviders\NtpClient | SpecialPollInterval | 1800 (ie 1800 secs = 30mins) |
Config | MaxAllowedPhaseOffset | 30 (if clock if off by more, its' abruptly set rather than incremented) |
Config | MaxPosPhaseCorrection | 5400 |
Config | MaxNegPhaseCorrection | 5400 |
Router Set-up
RADIUS Return Attributes
Attribute | Value | Description / Notes |
---|---|---|
Service-Type | Framed | |
Framed-Protocol | PPP | |
Framed-IP-Netmask | 255.255.255.255 | |
Framed-IP-Address | 123.123.123.123 | Unique for each client |
MS-CHAP-MPPE-Keys | <none> | |
MS-CHAP-MPPE-Types | 128-Bit | |
MS-MPPE-Recv-Key | <none> | Windows 7 |
MS-MPPE-Send-Key | <none> | Windows 7 |