502Network - amagerard/FreeRadius GitHub Wiki

RedHat/FreeRadius

RedHat10/Daloradius


2. Network.

2.1 Prerequisites.

SELinux is in permissive mode.
getenforce

Permissive  

2.2 Network configuration.

See Daloradius synoptic.

This procedure uses the following example values.
IP daloradius:      192.168.70.41
Gateway daloradius: 192.168.70.254
IP freeradius:      192.168.50.41
IP dns1:            192.168.90.41

Domain: ol26modk.com
Server names:
daloradius.ol26modk.com
freeradius.ol26modk.com
dns1.ol26modk.com

vi /etc/hostname

daloradius  

At the prompt you will see: <username>@daloradius.

vi /etc/hosts

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4  
192.168.70.41  daloradius.ol26modk.com  daloradius  

vi /etc/sysconfig/network

# Created by anaconda  
networking=yes  
HOSTNAME=daloradius.ol26modk.com  

Change the network settings.
Example:
IP: 192.168.70.41/24
Gateway: 192.168.70.254
Name Server: 192.168.90.41
Search domain: ol26modk.com
nmcli con mod eth0 ipv4.method "manual" ipv4.addresses 192.168.70.41/24
nmcli con mod eth0 ipv4.gateway 192.168.70.254
nmcli con mod eth0 ipv4.dns 192.168.90.41
nmcli con mod eth0 ipv4.dns-search ol26modk.com

Read the new network configuration.
more /etc/NetworkManager/system-connections/eth0.nmconnection

Apply the new network configuration.

ifconfig eth0 0.0.0.0
systemctl restart NetworkManager
ifconfig eth0

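Update:

Red Hat may ask you to register a new subscription.
subscription-manager register --username <username> --password <password> --force
If --password is omitted, subscription-manager prompts for it, which keeps the password out of the shell history.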

dnf update

2.3 Firewall.

Reuse the firewall rules from the TemplateVM.
See Firewall Configuration.

2.3.1 Add the ports.

vi /etc/ufw/applications.d/ufw-custom

[MYSQL]  
title=Mysql  
description=Mysql 3306  
ports=3306/tcp  

ufw reload

2.3.2 Add the rules.

ufw allow MYSQL  
ufw allow 'WWW Full'  

ufw status verbose

Status: active  
Logging: on (medium)  
Default: deny (incoming), deny (outgoing), disabled (routed)  
New profiles: skip  
To                         Action      From  
--                         ------      ----  
22                         ALLOW IN    192.168.20.0/29  
3306/tcp (MYSQL)           ALLOW IN    Anywhere  
80,443/tcp (WWW Full)      ALLOW IN    Anywhere  
  
80,443/tcp (WWW Full)      ALLOW OUT   Anywhere  
25/tcp (SMTP)              ALLOW OUT   Anywhere  
53 (DNS)                   ALLOW OUT   Anywhere  
67,68/udp (DHCP)           ALLOW OUT   Anywhere  
123/udp (NTP2)             ALLOW OUT   Anywhere  
465/tcp (SMTP SSL)         ALLOW OUT   Anywhere  
587/tcp (SMTP TLS)         ALLOW OUT   Anywhere  
993/tcp (IMAP SSL)         ALLOW OUT   Anywhere  
143/tcp (IMAP TLS)         ALLOW OUT   Anywhere  
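
The status output above allows 3306/tcp (MYSQL) in from Anywhere. The following check is an added example, not part of the original wiki: it reads `ufw status verbose` and lists inbound rules open to Anywhere. The function names and the default list of ports allowed to be public are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the wiki): list inbound ufw rules open to Anywhere.

# Constructed sample: part of the `ufw status verbose` output shown above.
sample_status() {
    cat <<'EOF'
Status: active
Default: deny (incoming), deny (outgoing), disabled (routed)
To                         Action      From
--                         ------      ----
22                         ALLOW IN    192.168.20.0/29
3306/tcp (MYSQL)           ALLOW IN    Anywhere
80,443/tcp (WWW Full)      ALLOW IN    Anywhere
25/tcp (SMTP)              ALLOW OUT   Anywhere
EOF
}

# Reads `ufw status verbose` on stdin and prints the "To" field of every
# ALLOW IN rule whose source is Anywhere, unless that field is listed in $1.
# $1: space-separated "To" values that may be public.
#     Assumption of this example: only the web ports (80,443/tcp) should be.
audit_ufw_inbound() {
    public_ok="${1:-80,443/tcp}"
    awk -v ok="$public_ok" '
        BEGIN { n = split(ok, a, " "); for (i = 1; i <= n; i++) allowed[a[i]] = 1 }
        / ALLOW IN / {
            to = $1                              # port spec, e.g. 3306/tcp
            from = $0
            sub(/.* ALLOW IN +/, "", from)       # keep only the From column
            if (from ~ /^Anywhere/ && !(to in allowed))
                print to
        }
    '
}

# On the server: ufw status verbose | audit_ufw_inbound
sample_status | audit_ufw_inbound
```

If only the FreeRADIUS host needs the database (an assumption; the page does not say which hosts connect to MySQL), a source-restricted rule such as `ufw allow from 192.168.50.41 to any port 3306 proto tcp` can take the place of `ufw allow MYSQL`.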

Restart the server.
reboot
