Tag Archives: guide

02/19/09

Building Ubuntu FreeRadius 1.1.7 with EAP/TLS/TTLS support

Ubuntu do not have freeradius1 is their repo.It’s annoying considering most of the online guide/config for freeradius TTLS is on freeradius1.Moreover,due to licensing issue,Ubuntu do not support EAP/TLS/TTLS by default.

This is the steps to get a freeradius1 with EAP/TLS/TTLS deb

1. Download from freeradius.org. during time of writing it’s 1.1.7 wget -c ftp://ftp.freeradius.org/pub/radius/freeradius-1.1.7.tar.gz

2. extract it into a directory. tar xvf freeradius-1.1.7.tar.gz

3. change directory cd freeradius-1.1.7

4. check debian/rules nano debian/rules.Ensure this line is uncomment and “buildssl” contain –with-rlm_eap_peap –with-rlm_eap_tls –with-rlm_eap_ttls
modulepackages = krb5 ldap mysql iodbc postgresql
buildssl = --with-rlm_eap_peap --with-rlm_eap_tls --with-rlm_eap_ttls --with-rlm_sql_postgresql_lib_dir=`pg_config --libdir` --with-rlm_sql_postgresql_include_dir=`pg_config --includedir`

5. check debian/control nano debian/control and ensure libssl-dev is in the build depends Build-Depends: debhelper (>= 4.2.32), dpatch (>= 2), autotools-dev, libtool (>= 1.5), libltdl3-dev, libpam0g-dev, libmysqlclient15-dev | libmysqlclient14-dev | libmysqlclient-dev, libgdbm-dev, libldap2-dev, libsasl2-dev, libiodbc2-dev, libkrb5-dev, libperl-dev, snmp, libsnmp9-dev | libsnmp5-dev | libsnmp4.2-dev, libpq-dev | postgresql-dev, libssl-dev

6. install packages that are required for compiling apt-get install build-essential fakeroot

7. install freeradius dependency apt-get build-dep freeradius

8. in freeradius-1.1.7 run dpkg-buildpackage -rfakeroot

9. cd ..;ls *.deb these are the deb file you had compiled freeradius_1.1.7-0_i386.deb
freeradius-dialupadmin_1.1.7-0_all.deb
freeradius-iodbc_1.1.7-0_i386.deb
freeradius-krb5_1.1.7-0_i386.deb
freeradius-ldap_1.1.7-0_i386.deb
freeradius-mysql_1.1.7-0_i386.deb
freeradius-postgresql_1.1.7-0_i386.deb

10. to install either packages dpkg -i freeradius_1.1.7-0_i386.deb or dpkg -i [package_name.deb]

just in case if need a dh for certs openssl dhparam -check -text -5 512 -out dh

01/19/09

Convert Mapking R12 to G12 (Symbian & PND)

  1. Get UltraEdit
  2. Download Mapking R12 map
  3. Edit with UltraEdit
  4. On Line 0×0020/00000020h replace with the Header of your desired software

MapKing R12 Map File Header,
Line 0×0020
E5 A8 E9 A8 FB A8 E1 A8 E9 A8 F7 A8

Papago G12 Map File Header,
Line 0×0020
F8 A8 F8 A8 EF A8 99 A8 9A A8 98 A8

Mapking G12 Map (PND,WinCE) File Header
line 0×0020
E3 A8 90 A8 EF A8 9A A8 A8 A8 E5 A8

Mapking G12 Map (Symbian) File Header
line 0×0020
E5 A8 E9 A8 FB A8 E1 A8 E9 A8 F7 A8

01/19/09

Rooting GPS Bay 3303

This is how I did it on my GPS Bay 3303.

Step 1. Create a new file called shell.ini
Step 2. Paste this in

/windows/explorer.exe

Step 3. Copy it into SD card and run “Navigation”
**Note:this step will disable navigation until u delete shell.ini from SD card or you can open it from windows explorer by looking for “MobileNavigator”

01/19/09

Converting GTRACK.BIN to KMZ

This is steps that I used to get the track log

I’m using Mapking G12,so i’m not sure whether this steps apply for other version

  1. Go to Advanced -> Display Setting -> Track Log (enable it)
  2. Select “Navigation” and drive around with/without destination
  3. If you select “Map View”,you should see dots on the map.That’s your track log.
  4. Go to SD Card -> MagaNavi (this folder might be different) -> user.Copy GTRACKMP.BIN to your pc.
  5. Go to this site http://www.noktek.com/~gps/log2kml.htm upload GTRACKMP.BIN and you’ll get a kmz file which could be easily read by text editor.
01/19/09

MMU VPN With VPNC

Install VPNC
host:# apt-get install vpnc

Configure VPNC

host:$ su
host:$ vpnc
Enter IPSec gateway address: vpn.mmu.edu.my
Enter IPSec ID for vpn.mmu.edu.my: mmuvpn
Enter IPSec secret for mmuvpn@vpn.mmu.edu.my:63100
Enter username for vpn.mmu.edu.my: v511xxxx@studmlk
Enter password for v511xxxx@studmlk@vpn.mmu.edu.my:[your MMU Unix password]
VPNC started in background (pid: 14755)…

OR

host:$ su
host:$ cd /etc/vpnc/
host:$ ‘wget’ http://blog.zyrax.net/wp-content/uploads/mmuvpn.conf
host:$ vpnc mmuvpn.conf
Enter username for vpn.mmu.edu.my: v511xxxx@studmlk
Enter password for v511xxxx@studmlk@vpn.mmu.edu.my:[your MMU Unix password]
VPNC started in background (pid: 14755)…

What is my Unix ID and Password?
Read Here

Where you get the IPSec Secret?
IPSec Secret is the same for everyone who is following this tutorial.
It’s just for reference.I used this.

01/19/09

Connect/Disconnect to MMU VPN on Linux with Cisco VPN Client

To Install

1. become root

host:$ su
Password:

2. Get Cisco VPN client for Linux here (Required ICEMS Login)

3. Unpack the downloaded .tar.gz:

host:/usr/local/src# tar -xvzf vpnclient-linux.tar.gz
host:/usr/local/src# cd vpnclient
host:/usr/local/src/vpnclient#

4. Run the installer script

host:/usr/local/src/vpnclient# ./vpn_install
Cisco Systems VPN Client Version 4.8.00 (0490) Linux Installer
Copyright (C) 1998-2005 Cisco Systems, Inc. All Rights Reserved.By installing this product you agree that you have read the
license.txt file (The VPN Client license) and will comply with
its terms.

Directory where binaries will be installed [/usr/local/bin]

Automatically start the VPN service at boot time [yes]

In order to build the VPN kernel module, you must have the
kernel headers for the version of the kernel you are running.

Directory containing linux kernel source code [/lib/modules/2.6.15-26-686/build]

* Binaries will be installed in “/usr/local/bin”.
* Modules will be installed in “/lib/modules/2.6.15-26-686/CiscoVPN”.
* The VPN service will be started AUTOMATICALLY at boot time.
* Kernel source from “/lib/modules/2.6.15-26-686/build” will be used to build the module.

Is the above correct [y]

<… … …>

Setting permissions.
/opt/cisco-vpnclient/bin/cvpnd (setuid root)
/opt/cisco-vpnclient (group bin readable)
/etc/opt/cisco-vpnclient (permissions not changed)
* You may wish to change these permissions to restrict access to root.
* You must run “/etc/init.d/vpnclient_init start” before using the client.
* This script will be run AUTOMATICALLY every time you reboot your computer.

5. Depends on Linux Distribution Check/create appropriate startup script links. This depends on Linux distribution. For Debian/Ubuntu:

host:# ls -s /etc/init.d/vpnclient_init /etc/rc2.d/S85vpnclient_init

if you get this error

ls: /etc/rc2.d/S85vpnclient_init: No such file or directory
4 /etc/init.d/vpnclient_init

This depends on Linux distribution. For Debian/Ubuntu:

host:# cp /etc/init.d/vpnclient_init /etc/rc2.d/S85vpnclient_init

*note: It is important to understand that running the vpnclient_init script does not create VPN yet. The script only checks whether the system is configured properly and loads the necessary kernel module.

6.Configuration

[code][b]host:# cd /etc/CiscoSystemsVPNClient/Profiles/
host: /etc/CiscoSystemsVPNClient/Profiles# ‘wget’ www.linuxsig.net/files/mmuvpn.pcf

7. First time connect,else jump to #8

host:# /etc/init.d/vpnclient_init start

8. Change the permission so that nornal user can connect

host:# chmod 4111 /opt/cisco-vpnclient/bin/cvpnd

9. Connect to MMU VPN (normal user will do)

host:$ vpnclient connect mmuvpn

FAQ: What is my username?
Read Here

10.The VPN between your host and the MMU VPN server was created.
To bring the session to the background

**Press Ctrl+Z**
[1]+ Stopped vpnclient connect sample
host:~$ bg
[1]+ vpnclient connect mmuvpn &

11.To disconnect

host:~$ vpnclient disconnect
Cisco Systems VPN Client Version 4.8.00 (0490)
Copyright (C) 1998-2005 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Linux
Running on: Linux 2.6.15-26-686 #1 SMP PREEMPT Thu Aug 3 03:13:28 UTC 2006 i686
Config file directory: /etc/opt/cisco-vpnclientDisconnecting the VPN connection.
Your VPN connection has been terminated.

FAQ: I get the following error

host: $ vpnclient connect mmuvpn
Cisco Systems VPN Client Version 4.8.00 (0490)
Copyright (C) 1998-2005 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Linux
Running on: Linux 2.6.17-10-generic #2 SMP Tue Dec 5 22:28:26 UTC 2006 i686
Config file directory: /etc/opt/cisco-vpnclientCould not attach to driver. Is kernel module loaded?
The application was unable to communicate with the VPN sub-system.

Your Operating System startup did not run the following code.You could run

host: # /etc/init.d/vpnclient_init start

or check Instruction #5

To Uninstall
Use the vpn_uninstall script that comes with the client.Depends on where u extract it.

If you follow the above instruction,you can use the below code.

host:# /usr/local/src/vpnclient/vpn_uninstall

01/19/09

FreeRadius

There are a few dependency that freeradius did not mention.

If your planning to use EAP,you know u need SSL but not openssl.You’ll need libssl-dev.This piece of information took me few days looking on the internet and even compiled openssl by source,which doesn’t help.

If your planning to use ippool,you’ll need libltdl3-dev & libgdbm-dev.

configure freeradius for wpa-enterprise http://tldp.org/HOWTO/html_single/8021X-HOWTO/#confradius

http://ubuntuforums.org/archive/index.php/t-478804.html

So far,that all I need to record down.Just in case I need to reformat the whole OS for the 5th 6th 7th time.One more bad news,freeradius can’t uninstall and I can’t replace it too.So…last resort,reinstall OS.