ClearBox RADIUS server

Contents
Documentation of the RADIUS segment in the PRONESTOR_GUEST network
Installation objective
  Servers & Network Units
ClearBox RADIUS server
  Clearbox Website
  Version used in this case
  System requirements
Concept & How it works
ClearBox Installation Guide (step by step)
Configuration of ClearBox RADIUS server
  Configuration advice
ClearBox, just behind the curtain
  Basics for the configuration
The installation procedure
  Configuration Starters
  1) Create a Realm
  2) Create a Datasource
  3) Create Clients
  4) Add Datasources and Clients to the Realm
  SQL statement
Starting the RADIUS Service
Documentation of the RADIUS segment in the PRONESTOR_GUEST network
Installation objective
The objective is to authenticate a user who logs in to the PRONESTOR_GUEST network against the
PRONESTOR MS SQL Database. The reception generates a username and password for the guest, and hands
out the information on a card.
The generated user credentials are stored in the PRONESTOR DB. The Nortel WSS switch currently used
cannot connect directly to the MS SQL database, but has to forward the login request to a RADIUS server.
Servers & Network Units
Units overview
Server Name    Description
dkcphcb00      ClearBox RADIUS Server (OS: MS Windows 2008 R2)
dkcphsql02     PRONESTOR SQL Database Server
WSS1           Wireless Security Switch
WSS2           Wireless Security Switch
Accesspoint    Accesspoint for the PRONESTOR_GUEST network
This installation of ClearBox RADIUS server will be implemented on an MS Windows 2008 R2 server.
ClearBox RADIUS server
ClearBox RADIUS is a “Remote Authentication Dial In User Service” application.
Clearbox Website:
http://www.xperiencetech.com/
Version used in this case
System requirements
ClearBox System requirements
Processor             Pentium II or higher
Memory                256 MB or higher
Operating system      Windows 2000/XP/2003
Connectivity          TCP/IP installed and configured
Hard disk capacity    9 MB of free space
Concept & How it works
[Diagram: the guest device, the access point, the Wireless Security Switch with its login page, the
ClearBox RADIUS server and the PRONESTOR DB on the company wireless guest network, with the login
flow numbered 1 to 7 as described in the steps below.]
At arrival at the company’s HQ, the user is greeted by the reception with a PRONESTOR VISITOR badge. The
badge contains a username and password generated by the PRONESTOR VISITOR Reception frontend. The
credentials are stored in the PRONESTOR DB.
1) The user connects to the wireless network PRONESTOR_GUEST.
2) When a browser is opened on the host, the user is greeted by a login webpage and prompted for
the credentials on the VISITOR badge, given by the reception. The login webpage is hosted by the
primary WSS switch.
3) When the user has typed in the credentials, the WSS passes the login information on to the
ClearBox RADIUS server, then waits for an answer from the RADIUS server.
4) The ClearBox RADIUS server uses the PRONESTOR Database as a remote database. ClearBox
queries the PRONESTOR DB for the user login credentials received from the WSS switch.
5) Depending on whether the credentials are found and authenticated correctly, the ClearBox RADIUS
server returns an Allow or Reject answer to the WSS switch.
6) Based on the answer from ClearBox, the WSS switch decides whether the user is authorized
to connect to the PRONESTOR_GUEST wireless network. If the user is allowed, the WSS then stores
the user within its own database.
7) The user is authorized and authenticated to use the PRONESTOR_GUEST wireless network, and is
not restricted further by this installation.
Depending upon the setup of the PRONESTOR Database, the user gains access to the PRONESTOR_GUEST
network for a limited time.
ClearBox Installation Guide (step by step)
Installation Guide

REMEMBER:
This installation does not use certificates!
When installing the ClearBox RADIUS server, DO NOT choose to install SSL Certificate tools. If
installed, the RADIUS server will require the use of certificates, and will not work properly.
Run the file: clearbox_enterprise_5_6.exe
Yes, install!
Next.
Read the License Agreement…
Click “I accept the agreement”.
Next.
Choose an installation folder.
We chose the standard folder: “C:\Program Files (x86)\ClearBox Server”.
Next.
Select “Full Installation”.
Next.
Type in a password for the ClearBox installation. This can be edited at a later time.
Next.
Choose “Normal Mode”.
Next.
WARNING!! DESELECT the “Enable wireless authentication” option.
Next.
Choose a name in the Start Menu.
Next.
Inspect the installation selections. If everything is as expected…
Install.
ClearBox installing…
The installation is complete.
To configure the ClearBox click the “Run Control Centre” option.
Finish.
Configuration of ClearBox RADIUS server
This installation is configured on the DKCPHCB00 MS Windows 2008 R2 server.
Configuration advice:
For in-depth configuration of the ClearBox RADIUS server please refer to the website for more information.
ClearBox, just behind the curtain.
To configure the ClearBox RADIUS server it is important to understand how it works.
To start the configuration of the ClearBox click the “Configure the Server” button.
Choose whether to use the frontend as a remote configuration utility for a preinstalled ClearBox server, or
use a local installation.
Choose “Open local XML file with server settings”.
This will open a default configuration.
Choose “No”. The utility might not work as you want it to.
Now you have the standard configuration. This is where you start to edit and configure the ClearBox
RADIUS server.
Basics for the configuration
Description of the configuration tools used.

SQL Data Sources.
This defines what database to use for your installation. This is where we will configure the
connection details for the PRONESTOR Database.

Realms.
A Realm is like a Domain in Windows. This is the Container or Object that contains and connects
your devices as one interconnected configuration in ClearBox.
A Realm contains the Realm rules, AAA setup and logging configuration.
The SQL query and the rule setup are configured here.

RADIUS clients.
This is where you define the devices or clients you want to use in the configuration.
Here the connection information and credentials for the WSS switches will be defined.
The installation procedure
1) Create a Realm
2) Create SQL Datasource
3) Create the Clients
4) Add Datasources and Clients to the Realm
Configuration Starters
Create a new configuration file for this installation.
Click “File” and choose “Save As…”.
This configuration will be called “Pronestor_Config_21-02-2011”.
Click “Save”.
1) Create a Realm
To create a new Realm, right click and click “Add New Realm”.
Type in the name of the Realm.
(Rlm_Pronestor)
2) Create a Datasource
Right click on “SQL Data Sources” and select “Add New Data Source”.
Type in the name for the datasource: SQL_Pronestor
Select “MS SQL Server” under “Data source type:”.
Type in the Server name: (dkcphsql02)
Type in the database name: (pronestor)
Type in the username for ClearBox to access the database: (pronestorguest)
Type in the password for the ClearBox username: (<password???>)
When done, click “Test Connection” to verify the SQL connection settings.
Click “Apply Changes”.
3) Create Clients
Create new clients for the RADIUS server. This will add the WSS switches, which will be added to the Realm
later on.
Right click on RADIUS Clients, and click “Add New Client”.
Type in the name for your device.
Then type in the Client IP address: (10.129.144.3) WSS switch IP
The password (Shared Secret): ( <Password ???>) WSS switch password
And choose the Realm you have created: (Rlm_Pronestor)
Click “Apply Changes”.
Repeat the steps for all the clients you want to use. (Next is DKCPHWSS02)
Type in the Client IP address: (10.129.144.2) WSS switch IP
The password (Shared Secret): ( <Password ???>) WSS switch password
Choose the Realm you have created: (Rlm_Pronestor)
Click “Apply Changes”.
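What the shared secret entered for each RADIUS client protects, as an added example in Python (not part of the original document or of ClearBox): the RADIUS Response Authenticator defined in RFC 2865, which lets the WSS check that an Allow or Reject answer comes from a server holding the same secret. The secret, identifier and Request Authenticator below are constructed values.

```python
import hashlib
import hmac
import struct

ACCESS_ACCEPT, ACCESS_REJECT = 2, 3   # RADIUS codes behind the "Allow" / "Reject" answers

def build_reply(code, ident, request_auth, attrs, secret):
    """Server side: sign a reply with the secret shared with this client."""
    header = struct.pack("!BBH", code, ident, 20 + len(attrs))
    # Response Authenticator = MD5(Code + ID + Length + RequestAuth + Attributes + Secret)
    auth = hashlib.md5(header + request_auth + attrs + secret).digest()
    return header + auth + attrs

def verify_reply(packet, ident, request_auth, secret):
    """Client (WSS) side: return the reply code if the reply is authentic, else None."""
    if len(packet) < 20:
        return None
    code, reply_id, length = struct.unpack("!BBH", packet[:4])
    if reply_id != ident or length != len(packet):
        return None
    expected = hashlib.md5(packet[:4] + request_auth + packet[20:] + secret).digest()
    return code if hmac.compare_digest(expected, packet[4:20]) else None

# Constructed values: a real client picks a random 16-byte Request Authenticator.
SECRET = b"constructed-shared-secret"
REQUEST_AUTH = bytes(range(16))
IDENT = 42

def demo():
    reject = build_reply(ACCESS_REJECT, IDENT, REQUEST_AUTH, b"", SECRET)
    # A reply whose code byte was changed from Reject to Accept no longer verifies.
    tampered = bytes([ACCESS_ACCEPT]) + reject[1:]
    return {
        "genuine": verify_reply(reject, IDENT, REQUEST_AUTH, SECRET),
        "tampered": verify_reply(tampered, IDENT, REQUEST_AUTH, SECRET),
        "wrong_secret": verify_reply(reject, IDENT, REQUEST_AUTH, b"other-secret"),
    }

if __name__ == "__main__":
    print(demo())
```

On a setup without certificates, as here, the authenticity of the reply rests on this secret, so a long random value per WSS is worth using.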
4) Add Datasources and Clients to the Realm
This will add your Clients to your Realm.
First we add the Clients to the Realm
Click on your realm in the Tree view (Rlm_Pronestor)
Then click the box “By client IP address”.
For adding Clients, click the “+” button.
Add the two Security switches DKCPHWSS02 and DKCPHWSS01
Click “OK” button.
Click “Apply Changes”.
This will add your Datasources to your Realm.
First, select your realm in the tree view (Rlm_Pronestor).
Then select the Authentication tab.
Click the SQL database button.
Select your datasource “SQL_Pronestor”.
In the “Password selection query” field, paste in the SQL query that enables the RADIUS server to look up
authentication requests in the PRONESTOR Database.
To get the “SQL Editor” view above, click the button on the far right.
When satisfied with the SQL statement, click “OK”.
Then click “Apply Changes”.
See “SQL statement” for the used query.
SQL statement:
    Select [wifi_password] from badge
    where [wifi_user] = '$u'
    AND
    (badge.state = 'in' )
    AND
    (
        (
            dateadd(DAY,1,convert(varchar,(LEFT([start_date],8)),112)) > GETDATE()
        )
        OR
        (
            dateadd(MONTH,1,convert(varchar,(LEFT([start_date],8)),112)) > GETDATE()
            and guest_category_id = 6
        )
        OR
        (
            dateadd(MONTH,3,convert(varchar,(LEFT([start_date],8)),112)) > GETDATE()
            and guest_category_id = 7
        )
        OR
        (
            dateadd(MONTH,6,convert(varchar,(LEFT([start_date],8)),112)) > GETDATE()
            and guest_category_id = 8
        )
        OR
        (
            dateadd(YEAR,1,convert(varchar,(LEFT([start_date],8)),112)) > GETDATE()
            and guest_category_id = 9
        )
    )
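A model of the validity windows in the query above, written as an added example in Python (not part of the original document or of ClearBox), for checking which badges the query would accept at a given time. The badge rows, the passwords and the text after the first 8 characters of start_date are constructed; string matching is exact here, whereas SQL Server follows the column collation.

```python
import calendar
from datetime import datetime, timedelta

# guest_category_id -> months of validity; DATEADD(YEAR,1,...) equals 12 months.
EXTENDED_MONTHS = {6: 1, 7: 3, 8: 6, 9: 12}

def add_months(d, n):
    """Like T-SQL DATEADD(MONTH, n, d): the day is clamped to the target month's end."""
    years, month0 = divmod(d.month - 1 + n, 12)
    year, month = d.year + years, month0 + 1
    day = min(d.day, calendar.monthrange(year, month)[1])
    return d.replace(year=year, month=month, day=day)

def badge_expiry(start_date, category):
    """Moment at which the query stops returning the badge's password."""
    start = datetime.strptime(start_date[:8], "%Y%m%d")  # LEFT([start_date],8), style 112
    expiry = start + timedelta(days=1)       # first OR branch: applies to every category
    if category in EXTENDED_MONTHS:          # remaining branches: categories 6 to 9
        expiry = max(expiry, add_months(start, EXTENDED_MONTHS[category]))
    return expiry

def passwords_for(badges, user, now):
    """Rows the query selects for '$u' = user when GETDATE() = now."""
    return [b["wifi_password"] for b in badges
            if b["wifi_user"] == user and b["state"] == "in"
            and badge_expiry(b["start_date"], b["guest_category_id"]) > now]

# Constructed sample rows (not real PRONESTOR data).
BADGES = [
    {"wifi_user": "guest1", "wifi_password": "pw-day", "state": "in",
     "start_date": "20110221T0900", "guest_category_id": 1},
    {"wifi_user": "guest2", "wifi_password": "pw-month", "state": "in",
     "start_date": "20110131T0900", "guest_category_id": 6},
    {"wifi_user": "guest3", "wifi_password": "pw-out", "state": "out",
     "start_date": "20110221T0900", "guest_category_id": 9},
]

if __name__ == "__main__":
    for user, now in [("guest1", datetime(2011, 2, 21, 23, 59)),
                      ("guest1", datetime(2011, 2, 22, 0, 0)),
                      ("guest2", datetime(2011, 2, 27, 12, 0)),
                      ("guest3", datetime(2011, 2, 21, 12, 0))]:
        print(user, now, passwords_for(BADGES, user, now))
```

Because only the first 8 characters of start_date are used, the one-day window ends at midnight following the start date, not 24 hours after the badge was issued.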
Starting the RADIUS Service
To start the ClearBox RADIUS service…
In the left panel, click the “Service Control” option.
Click the “Start” button to start the service.
If errors occur, view the error log by clicking on “view errors log”.
Now the service is running.
This concludes the installation.