Mercurial > hg > waaad
view doc/radius_gw.conf.sample @ 342:79aad36bdd57
Fix typo
author | Sebastien Decugis <sdecugis@nict.go.jp> |
---|---|
date | Tue, 28 Apr 2009 13:52:14 +0900 |
parents | 744a4d868388 |
children | 087d76efb83d |
line wrap: on
line source
# This file contains information for configuring the radius_gw extension. # To find how to make waaad load this extension, please refer to the waaad documentation. # # The radius_gw extension provides features to a waaad host to serve as a # RADIUS/Diameter gateway. Typically, a RADIUS client (e.g. a NAS) would connect to # this extension, and the message would be converted to Diameter and sent to a Diameter server. # # This extension contains two almost independent parts: authentication/authorization and accounting. # See the detail of each section bellow. # # Note that this extension alone is not sufficient for most authentication / authorization applications. # You need to add specific extensions for each application such as NASREQ, EAP, ... # See the "auth_mod" configuration parameter for this purpose. #################### # Authentication # # Authorization # #################### # Enable the RADIUS/Diameter authentication/authorization gateway? # auth_server_enable = 1; # The port on which the accounting server listens # auth_server_port = 1812; # The IPv4 on which to bind the server, or "disable" if IPv4 must not be used. # auth_server_ip4 = 0.0.0.0; # The IPv6 address to which the server is bound, or "disable" # auth_server_ipv6 = :: ; # Enabling the auth server is not sufficient, one must provide additional modules # that will convert the specific RADIUS messages / attributes depending on application. # When a RADIUS message is received and no module is available to handle it / one of its attributes, # it is logged and an error message is returned. # auth_mod = radius_2865 ; # RADIUS base RFC, PAP / CHAP authentication (NASREQ) # auth_mod = radius_3579 : radius_eap.conf ; # RADIUS EAP RFC (Diameter EAP) # auth_mod = radius_ignore : radius_ignore.conf; # list of attributes to discard or blind copy in answers. ################ # Accounting # ################ # Enable the RADIUS/Diameter accounting gateway? # acct_server_enable = 1; # The port on which the accounting server listens # acct_server_port = 1813; # The IPv4 on which to bind the server, or "disable" if no IPv4 is wanted. # acct_server_ip4 = 0.0.0.0; # The IPv6 address to which the server is bound, or "disable" # acct_server_ipv6 = :: ; # Store session id used by authentication messages to find the application id for the accounting msg # acct_app_sessions = 1; # The Diameter Application to use for the accounting messages with unknown session information # acct_app_id = 0; ################## # RADIUS Clients # ################## # Each RADIUS client must be declared in the form: IP = shared-secret ; # IP can be ipv4 or ipv6 # shared-secret can be a quoted string, or a list of hexadecimal values. # examples: # 192.168.100.1 = "secret key" ; # the shared secret buffer is 0x736563726574206b6579 (length 10 bytes) # fe00::1 = 73 65 63 72 65 74 20 6b 65 79; # same shared secret as previously # When a packet is received from an IP not declared here, it is silently discarded.