From owner-freebsd-security@FreeBSD.ORG  Thu Jan 26 08:19:05 2006
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
X-Original-To: freebsd-security@freebsd.org
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5A01D16A420;
	Thu, 26 Jan 2006 08:19:05 +0000 (GMT) (envelope-from mohacsi@niif.hu)
Received: from mail.ki.iif.hu (mignon.ki.iif.hu [193.6.222.240])
	by mx1.FreeBSD.org (Postfix) with ESMTP id EA8D543D46;
	Thu, 26 Jan 2006 08:19:04 +0000 (GMT) (envelope-from mohacsi@niif.hu)
Received: by mail.ki.iif.hu (Postfix, from userid 1003)
	id 42F3A556C; Thu, 26 Jan 2006 09:19:02 +0100 (CET)
Received: from localhost (localhost [127.0.0.1])
	by mail.ki.iif.hu (Postfix) with ESMTP id 3BF53553F;
	Thu, 26 Jan 2006 09:19:02 +0100 (CET)
Date: Thu, 26 Jan 2006 09:19:02 +0100 (CET)
From: Mohacsi Janos <mohacsi@niif.hu>
X-X-Sender: mohacsi@mignon.ki.iif.hu
To: gahn <ipfreak@yahoo.com>
In-Reply-To: <20060126052422.34743.qmail@web52114.mail.yahoo.com>
Message-ID: <20060126090312.N1888@mignon.ki.iif.hu>
References: <20060126052422.34743.qmail@web52114.mail.yahoo.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: freebsd security <freebsd-security@freebsd.org>,
	freebsd general questions <freebsd-questions@freebsd.org>
Subject: Re: mpd and radius
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Jan 2006 08:19:05 -0000




On Wed, 25 Jan 2006, gahn wrote:

> Hi all:
>
> I ahve some basic questions regarding the mpd.conf:
>
> set radius retries 3
> set radius timeout 3
> set radius server 192.168.128.101 testing123 1812 1813
> set radius me 1.1.1.1
> set bundle enable radius-auth radius-fallback
>
> Here my radius server is 192.168.128.101 and interanl
> interface of this mpd server is 192.168.64.65
>
> 1) What is this "testing123"? is that key between
> radius server and the nas (the pptp box)?


Yes. This is a shared secret between your radius server and "nas" boxes. 
Any clients which is accessing radius server should use their respective 
shared secret. If you are using freeradius you should configure it in 
clients.conf  and your "nas" box. You should also select a reasonably 
complex shared secret to prevent brute force guessing attack against your 
radius server.

>
> "set radius me 1.1.1.1
> #send the given IP in the RAD_NAS_IP_ADDRESS attribute
> to the server."

This one is the IP address configured for this NAS/client...

Regards,
  	Janos Mohacsi