integrated server

Integrated ServerSUPPLY, DELIVERY, INSTALLATION, COMMISSIONING AND TESTING FOR NEW RADIUS

ACCOUTING SERVER

Prepared by

Febru Wasono

(febru@soluvas.com)

STEP 1 [SUPLY / THEORY]

Global Concept Server Requirements Basic-Networking VPN P2P Connections File-Server Routing Traffic limitations

Hardware Requirement

Hardware Specification

CPU Intel Core 2 Duo Pentium processor

Memory 2GB DDR2 server RAM

Hard Drive 360GB SATA Hard Disk

Network Interface Dual Gigabit network interfaces

Power Supply Redundant power supply

Software Requirement

Application Specification

Operating System Linux Ubuntu 8.04 (Hardy Heron)

Radius Server Version 2.0

MySQL Version 5

Dolaradius Version 0.8.9

Samba Version 5

proFTP/TFTP

Standard Configuration

Index Description Value

1 Hostname Sma-server.com

IP / Subnet 10.10.0.1 / 255.255.255.0

Gateway 10.10.0.1

Workgroup Workgroup

Administrator User Role Username Password

root “root”

2 Hostname vpn.sma-server.com

IP / Subnet 10.10.0.2 / 255.255.255.0

Gateway 10.10.0.1

Workgroup Workgroup

3 Hostname aaa.sma-server.com

IP / Subnet 10.10.0.3 / 255.255.255.0

Gateway 10.10.0.3 / 255.255.255.0

Workgroup Workgroup

Administrator User Role Password

testing123”

Auth Port 1812

Acct Port 1813

4 Hostname file.sma-server.com

IP / Subnet 10.10.0.4 / 255.255.255.0

Gateway 10.10.0.1

Workgroup Workgroup

5 Hostname dbs.sma-server.com

IP / Subnet 10.10.0.5 / 255.255.255.0

Gateway 10.10.0.1

Workgroup Workgroup

Administrator User Role Username Password

root/“root” radius/”radius”

6 Hostname dhcp.sma-server.com

IP / Subnet 10.10.0.6 / 255.255.255.0

Gateway 10.10.0.1

Workgroup Workgroup

7 Hostname cache.sma-server.com

IP / Subnet 10.10.0.7 / 255.255.255.0

Gateway 10.10.0.1

Workgroup Workgroup

Port Bind 3128

8 Hostname dans.sma-server.com

IP / Subnet 10.10.0.8 / 255.255.255.0

Gateway 10.10.0.1

Workgroup Workgroup

Port Bind 8080

Basic-Networking

VPN

VPN is Virtual Private Network, a tunnel link to make a private community.

Securing interconnection. Encryption support PPTP/IpSEC support

Custom-routing

Create New VPN Connections

Connection is ready

Samba

File Server on *nix system Multi session support Privileges. Quota and User-based privileges system.

Accessing File via samba

Accessing File on Linux

Samba Administration [change password]

Radius

Radius is AAA server for general purposes Authentication : [user + password] Authorization : [Routing] Accounting : [time-based or package-

based] FreeRadius, Daloradius, openRadius, etc

Inserting data for new usersinsert into `radcheck` (`username`,`attribute`,`op`,`value`) values ("S_6886","User-

Password","==","XXXX"); insert into `radusergroup` (`username`,`groupname`,`priority`) values ("S_6886","siswa","2"); insert into `userinfo` (`username`,`firstname`,`lastname`) values ("S_6886","XII IPA 3","ACHMAD ZUNAIFAN LAHUDDIN"); insert into `radcheck` (`username`,`attribute`,`op`,`value`) values ("S_6886","Expiration",":=","24 Jul 2010");

Generate Batch-User

Changing Password

Checking time-usage

Checking user-billing

Checking user online

Php myadmin

Administration for all user on mySQL database server.

User Friendly UI

Add-user traffic limitations

Checking user online

Add administrator for Radius

Dans Guardian [porn protection]

vim /etc/dansguardian/lists/bannedregexpurllist

vim /etc/dansguardian/lists/exceptionurllist

vim /etc/dansguardian/lists/bannedurllist

STEP 2 : [Delivery]

Server : Ubuntu Radius : FreeRadius + Daloradius P2P : PPTP Server Phpmyadmin Dansguardian Routing : Iptables

Step 3 : [installation]

Step 4 : Commissioning and Testing

Step 5 : [administrating and maintenance]