Vikrant Agarwal wrote:
> Now when I divert my Dialup users traffic through caching , I face one
> problem i.e dial-up user are not able to get authenticate on RADIUS server
Do they authenticate when they dial-up? If so, why do they need to
authenticate again to Squid? If you need/want the users to authenticate
again to Squid after authenticating to the RADIUS server, then you need to
install a basic auth helper.
There might be one for RADIUS authentication; if not, use the PAM basic auth
helper and setup PAM to use RADIUS as the authentication backend for Squid.
More information is in the authentication FAQ:
http://www.squid-cache.org/Doc/FAQ/FAQ-23.html
> Actually authentication request doesn't come at all on my Radius server
> when i divert my Dial-up traffic caching . My Radius belongs to different
> subnet to the subnet where squid box is installed .
This won't matter, so long as the Squid server has a route to the radius
server and the authentication is setup correctly.
> I've also tried by opening Radius-auth and Radius-acct port in squid.conf
> as follows , but it didn't work .
>
> acl Safe_ports port 1645 # radius auth
> acl Safe_ports port 1646 # radius acct
> acl Safe_ports port 23 # telnet
Why are you doing this? The Safe_ports acl controls the ports Squid is
permitted to request HTTP traffic over. They have nothing to do with
authentication, and nothing to do with telnet.
> I also want to allow users those who are behind squid to access VNC viewer
> , PC -anywhere and telnet service .
Squid is an HTTP proxy only. This has been stated several times on this
list, and it is also in the documentation on the website.
Unless the client program is tunneling VNC, PC Anywhere, or Telnet over HTTP
(which isn't likely), Squid will have nothing to do with it.
Adam
Received on Sat Jul 24 2004 - 12:00:38 MDT
This archive was generated by hypermail pre-2.1.9 : Sun Aug 01 2004 - 12:00:02 MDT