Squid with FreeRADIUS+LDAP authentication

First make sure Squid is installed correctly and runs properly, then install FreeRADIUS and connect it to LDAP:

# rlm_ldap module: look users up in the directory and bind as them
ldap {
        server = "ldap.xx.xx.xx"
        basedn = "ou=people,o=Universitas Gadjah Mada,dc=ugm,dc=ac,dc=id"
        filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
        # StartTLS is off: LDAP traffic to the server is not encrypted
        start_tls = no
        dictionary_mapping = ${raddbdir}/ldap.attrmap
        ldap_connections_number = 5
        edir_account_policy_check = no
        timeout = 4
        timelimit = 3
        net_timeout = 1
        compare_check_items = no
        # let the module set Auth-Type to LDAP for users it finds
        set_auth_type = yes
}
authorize {
        preprocess
        suffix
        ldap
}
authenticate {
        Auth-Type LDAP {
                ldap
        }
}

Test the LDAP authentication:

radtest masrifqi xxxxx localhost 0 radius
Sending Access-Request of id 5 to 127.0.0.1 port 1812
	User-Name = "username"
	User-Password = "xxxxx"
	NAS-IP-Address = 255.255.255.255
	NAS-Port = 0
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=5, length=20
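
The radtest exchange above, rebuilt as an added example (not part of the original page): how the User-Password attribute is hidden with the shared secret per RFC 2865, and why an attribute-less Access-Accept is exactly 20 bytes. The function names and the sample password are constructed for illustration; the secret `radius` is the one passed to radtest above.

```python
import hashlib
import hmac
import os
import struct

ACCESS_REQUEST, ACCESS_ACCEPT = 1, 2
USER_NAME, USER_PASSWORD = 1, 2

def _keystream_blocks(data: bytes, secret: bytes, request_auth: bytes, hiding: bool) -> bytes:
    # RFC 2865 section 5.2: block i is XORed with MD5(secret + previous ciphertext block)
    out, prev = b"", request_auth
    for i in range(0, len(data), 16):
        key = hashlib.md5(secret + prev).digest()
        block = data[i:i + 16]
        xored = bytes(a ^ b for a, b in zip(block, key))
        prev = xored if hiding else block   # chain on the ciphertext either way
        out += xored
    return out

def hide_password(password: bytes, secret: bytes, request_auth: bytes) -> bytes:
    # Client side: pad with NULs to a multiple of 16 (at least one block)
    size = max(16, len(password) + (-len(password) % 16))
    return _keystream_blocks(password.ljust(size, b"\x00"), secret, request_auth, True)

def unhide_password(hidden: bytes, secret: bytes, request_auth: bytes) -> bytes:
    # Server side: the same secret recovers the cleartext handed to LDAP
    return _keystream_blocks(hidden, secret, request_auth, False).rstrip(b"\x00")

def attr(kind: int, value: bytes) -> bytes:
    return struct.pack("!BB", kind, len(value) + 2) + value

def access_request(ident: int, user: bytes, password: bytes, secret: bytes):
    request_auth = os.urandom(16)  # fresh random Request Authenticator
    attrs = attr(USER_NAME, user) + attr(
        USER_PASSWORD, hide_password(password, secret, request_auth))
    header = struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs))
    return header + request_auth + attrs, request_auth

def access_accept(ident: int, request_auth: bytes, secret: bytes) -> bytes:
    # No attributes: 4-byte header + 16-byte Response Authenticator = length 20
    header = struct.pack("!BBH", ACCESS_ACCEPT, ident, 20)
    return header + hashlib.md5(header + request_auth + secret).digest()

def verify_reply(reply: bytes, ident: int, request_auth: bytes, secret: bytes) -> bool:
    # Client check: the reply must be bound to our request and to the shared secret
    if len(reply) < 20:
        return False
    _code, rid, length = struct.unpack("!BBH", reply[:4])
    if rid != ident or length != len(reply):
        return False
    expected = hashlib.md5(reply[:4] + request_auth + reply[20:] + secret).digest()
    return hmac.compare_digest(expected, reply[4:20])
```

Both the password hiding and the reply check rest entirely on the shared secret, so a short dictionary word like the test value is only reasonable while client and server talk over loopback.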

Install the RADIUS authenticator from the ports tree (the easy way):

cd /usr/ports/www/squid_radius_auth
make && make install

Then add the following lines to the Squid config:

auth_param basic program /usr/local/libexec/squid/squid_radius_auth -f /usr/local/etc/squid/squid_radius_auth.conf
acl ldapauth proxy_auth REQUIRED
http_access allow lan ldapauth
http_access deny all

Finally, reload the Squid configuration:

/usr/local/sbin/squid -k reconfigure

Good luck trying it out :)

 