|
楼主 |
发表于 2006-3-8 12:43:45
|
显示全部楼层
它的功能很不错的滴:
How to Configure Server and Admin programs
Since the release of Evolynx RADIUS 2.0, by default configuration settings are loaded from a database table . Using this feature you will be able to change the configuration of your Evolynx RADIUS using the web based Admin application.
Note that some of configuration parameters will always be read from the config file. All other values will be extraced from database. The following parameters are always read from EvolynxRadius.exe.config file:
Service_Retry_Count
Service_Retry_Delay_Sec
MaintenanceTimerIntervals
ConnectionString
LoadConfigFromAPI
LoadClientsFromAPI It's very important that you pay more attention to "ConnectionString" parameter. This parameter in EvolynxRadius.exe.config file (or web.config for web based application) specifies how Evolynx programs will access the database. If your SQL server is running on a machine other than the Evolynx program, you need to change the server name specified in "ConnectionString". Also, if you change the User ID or password used to access the database, those values should be updated in the config files as well. For more information, see
Config File
.
Web Based Configuration pageTo see the configuration page, login to Admin program and click on Settings at top menu, then select "RADIUS server settings" option.
This page is devided to 4 sections:
Server Properties
Authentication Protocols
MPPE Encryption
Email Notification
Server PropertiesIn this section you can change the settings controling behavior of RADIUS Server and Admin program.
Server IP Address
Evolynx RADIUS server by default uses the first network adapter and related IP address that it finds. If there is only one network IP address is available, You can leave this box empty. If you have more than one IP address and you know which one should be used, enter the IP address in this box.
Configuring RADIUS UDP ports
You can change the RADIUS and RADIUS accounting UDP port numbers here. Make sure to restart your Evolynx RADIUS after changing the port numbers.
Server Computer Name
This is the "Windows" name of your server computer running Evolynx RADIUS server. This name is used in Admin program to communicate with the service. For LocalHost use ".".
SMTP Server
In order to use the email related features (Email Notifications), you must specify a working and valid SMTP server.
Configuring Multithreading
Evolynx RADIUS server is a multithreaded software. It can use as much processing power as your operating system can provide. The default settings of Evolynx RADIUS server is optimized for systems with one or two CPUs. If you plan to use a server with four CPUs or more, you can try to turn on this switch. We suggest you run a performance test before and after you change this setting and compare the results to make sure your RADIUS server is configured for best performance
Enable Proxy
You can easily setup a RADIUS proxy server and forward requests based on value of specific RADIUS attributes (Proxy Rules). For more information see
Proxy and Forwarding
.
Enable Packet Log
Packet log is a new feature introduced in V 3.0. By enabling this feature you can log any RADIUS attribute from any RADIUS packet arriving at the server. For more information see
Packet Log
.
Enabling VoIP
To enable VoIP features in Evolynx RADIUS, use this check box. For more information see
VoIP (Voice Over IP) Setup
.
Enable Custom Attributes
In many situations, when a new connection is established, you may need to send other attributes in an Access_Accept packet. Most of the time, these attributes are "Vendor specific". Evolynx RADIUS lets you add any number of Custom Attributes to each "Service". When an Access_Accept package is being sent for a Customer, if there is any Custom Attributes defined for that specific service they will be added to packet. This feature can be easily used for "Filter-ID", "Framed-Compression" or any other attribute like bandwidth management.
Because of the added overhead, this feature is disabled by default. If you need to support "Custom Attributes", use this check box.
Security Info Required
When entering Customer's data in Evolynx Admin, you are required to provide the Birthdate and ID number as security information. Some users may prefer to not to enter these data to speed up the data entry process. You can un-check this setting and after that you won't have to enter data in these two fields. This check box is only used by Admin program.
Accounting By Seconds
If you need to change the time calculation precision of the accounting operation from minutes to seconds, use this check box.
Please note that the word "Minute" in database tables and web based Admin program will not change, but the time values will be treated as Seconds. All fees will still be "per minute".
Accounting Interim Intervals
This parameter which was added since V 3.2.0 allows you to use Accounting Interim Updates as a signal that shows a user is still connected. A value greater than or equal60 (seconds) means this feature is enabled and a value less than 60 means it's disabled. RFC 2869 suggests that this value SHOULD be greater than or equal 600 (10 minutes).
For more information on how this parameter is used in "Evolynx Advanced Version" see
How It Works
Logging RADIUS packets
When trouble shooting a RADIUS implementation, a simple Log file which shows some details about failed packets could be very useful. When you enable logging option, Evolynx RADIUS creates a Log file in the same folder it is installed in. Also, same data is stored in a database table, available through Admin program. To enable logging, you must select the desierd Log Mode from dropdown.
Authentication ProtocolsIn some cases you may need to disable some of the authentication protocols and use only specific protocols. For example your security policy restricts your users to use only MS-CHAP V2 protocol. In situations like this you can enable or disable each Protocol using this section. The following Protocol switches are available
AllowPAP
AllowCHAP
AllowMSCHAP
AllowMSCHAP2
AllowEAP_MD5
AllowEAP_TLS The EAP-TLS protocol is disabled by default. Before you enable this option you need to make sure that required "Machine Certificates" are installed on your server.
MPPE EncryptionSupport for encrypted connections is provided by MPPE encryption. MPPE supports RC4 encryption with 40 and 128 bit keys. To enable MPPE encryption, check "Enable MPPE". Because of the overhead of the encryption operation, the default value is False. None of the other MPPE settings will be used unless "Enable MPPE" is selected. Please note that MPPE encryption is only supported in MS-CHAP and EAP connections.
"MPPE_Policy" key specifies if the encryption is required or optional:
Optional
Required You can enable or disable any of the valid key lengths. To enable 40 bit keys, select the "40 Bit Encryption" check box. "128 Bit Encryption" check box is used to enable or disable the 128 bit encryption. If both are enabled, the client will decide which one to use.
Email NotificationThis section configures Email notification feature. Evolynx Server can be configured to search for Customers who have low balance or their Service is going to expire and automatically send an email to these Customers.
Notification Process Start Time
This process can execute automatically once a day at the time specified in this screen. It's also possible to run this process manually using Evolynx Controller Tool.
Enable Email Notifications
Email Notifications will only be sent if "Enable Email Notifications" check box is selected. This check box enables both manual and automatic Notifications.
Low Balance and End of Service
In this Settings screen you specify which Customers should receive notification email by defining the trigger Balance and number of days before service expires. If a value less than Zero is used, that specific criteria will not be checked. For example if trigger Balance is -1 but "Number of Days" is 3, it means that only Customers whoes service will expire in 3 days or less will receive notifications and Customers' Balance will not trigger any email notification.
Email Templates
The template email messages are stored in XML format and can be modified using a text editor. These XML files are stored in Evolynx Service directory and their names are "Notify_Balance.xml" and "Notify_ServiceEnd.xml". Make sure to customize these files before enabling Email Notifications.
Notes
Only Customers will receive Email Notifications who are not "Disabled" or "Deleted". Also, only Customers will be checked for Low Balance which are using a Pre-Paid/Debit Service. Customers whoes service is already expired will not receive this notification. Once a Customer receives a notification, no more notifications will be sent to that Customer until Service is renewed or more credit is added to Customer. Notification will be sent to Email address provided in Customer "Contact Info" page.
Config FileYou still have the option to use the "EvolynxRadius.exe.config" text file as the source for configuration. Please see
Config File
for more information. |
|