Changes between Version 2 and Version 3 of NSM2021/Agenda/IcingaEduroamCheck


Ignore:
Timestamp:
May 31, 2021, 11:53:20 AM (4 years ago)
Author:
admin
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • NSM2021/Agenda/IcingaEduroamCheck

    v2 v3  
    3838  }}}
    3939
     40* On your !FreeRadius Server, add the monitoring IP as an client on `/etc/freeradius/clients.conf` or `/etc/freeradius/3.0/clients.conf` and restart the freeradius service.
    4041
    41 * Download monitoring plugin to icinga plugin directory ( we use a small script from REANNZ )
     42  {{{
     43       client monitor_icinga {
     44            ipaddr  = a.b.c.d
     45            secret  = <Shared_Secret>
     46       }
     47  }}}
     48
     49* Back on your Monitoring Server,
     50
     51  Test user auth by `rad_eap_test -H <Freeradius_server_IP> -P 1812 -S <Shared_Secret>  -u <username@YOUR-DOMAIN> -p <user_pass> -m WPA-EAP -e PEAP`
     52  [[br]]You should receive an `access-accept`
     53
     54* Next, download the monitoring plugin to icinga plugin directory ( we should use a script from REANNZ )
    4255
    4356  {{{
     
    4962  }}}
    5063
     64
     65== Director Configurations ==
     66
     67You have to,
     68
     69  *  Create custom Plugin Check Command
     70  *  Add required Arguments
     71  *  Create custom fields set
     72  *  Create custom fields
     73  *  Create a Service Template
     74  *  Create Host for the !FreeRadius Server
     75  *  Create a Service and associate it with the created host
     76   
     77
     78=== Create Custom Check Command ===
     79
     80* Goto `Director` --> `Commands` --> `+Add` and create the Command `eduroam-eap`
     81
     82[[Image(create-eduroam-eap.png, 600px, nolink)]]
     83
     84* Goto `Arguments` tab of the `eduroam-eap` command and add following Arguments. ( Args marked in red arrows have to be created with special care )
     85
     86[[Image(Args-eduroam-eap.png, 600px, nolink)]]
     87
     88  Arguments marked in red have to be created as follows:
     89
     90[[Image(Args-eduroam-eap-c.png, 600px, nolink)]]
     91
     92* Command Preview should be similar to:
     93
     94{{{
     95object CheckCommand "eduroam-eap" {
     96    import "plugin-check-command"
     97    command = [ PluginDir + "/check_eduroam_login.pl" ]
     98    arguments += {
     99        "-2" = "MSCHAPV2"
     100        "-C" = {
     101            set_if = "$eduroam_request_cui$"
     102        }
     103        "-H" = "$address$"
     104        "-I" = {
     105            description = "NAS IP address"
     106            set_if = {{
     107                return len(macro("$eduroam_nas_ip_address$")) >0
     108            }}
     109            value = "$eduroam_nas_ip_address$"
     110        }
     111        "-O" = {
     112            description = "Eduroam Operator Name"
     113            set_if = {{
     114                return len(macro("$eduroam_operator_name$")) >0
     115            }}
     116            value = "$eduroam_operator_name$"
     117        }
     118        "-P" = "$eduroam_port$"
     119        "-d" = {
     120            set_if = {{
     121                return macro("$eduroam_verbosity$") == 2
     122            }}
     123        }
     124        "-e" = "PEAP"
     125        "-m" = "WPA-EAP"
     126        "-p" = "$eduroam_password$"
     127        "-s" = "$eduroam_secret$"
     128        "-u" = "$eduroam_user$"
     129        "-v" = {
     130            set_if = {{
     131                return macro("$eduroam_verbosity$") == 1
     132            }}
     133        }
     134    }
     135}
     136
     137
     138}}}
     139
     140
     141
     142
     143
     144