Mercurial > hg > waaad

view doc/radius_gw.conf.sample @ 342:79aad36bdd57

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fix typo
author Sebastien Decugis <sdecugis@nict.go.jp>
date Tue, 28 Apr 2009 13:52:14 +0900
parents 744a4d868388
children 087d76efb83d
line wrap: on
line source

# This file contains information for configuring the radius_gw extension.
# To find how to make waaad load this extension, please refer to the waaad documentation.
#
# The radius_gw extension provides features to a waaad host to serve as a
# RADIUS/Diameter gateway. Typically, a RADIUS client (e.g. a NAS) would connect to
# this extension, and the message would be converted to Diameter and sent to a Diameter server.
#
# This extension contains two almost independent parts: authentication/authorization and accounting.
# See the detail of each section bellow.
#
# Note that this extension alone is not sufficient for most authentication / authorization applications.
# You need to add specific extensions for each application such as NASREQ, EAP, ...
# See the "auth_mod" configuration parameter for this purpose.


####################
#  Authentication  #
#  Authorization   #
####################

# Enable the RADIUS/Diameter authentication/authorization gateway?
# auth_server_enable = 1;

# The port on which the accounting server listens
# auth_server_port = 1812;

# The IPv4 on which to bind the server, or "disable" if IPv4 must not be used.
# auth_server_ip4 = 0.0.0.0;

# The IPv6 address to which the server is bound, or "disable"
# auth_server_ipv6 = :: ;

# Enabling the auth server is not sufficient, one must provide additional modules
# that will convert the specific RADIUS messages / attributes depending on application.
# When a RADIUS message is received and no module is available to handle it / one of its attributes, 
# it is logged and an error message is returned.
# auth_mod = radius_2865 ;                       # RADIUS base RFC, PAP / CHAP authentication (NASREQ)
# auth_mod = radius_3579 : radius_eap.conf ;     # RADIUS EAP RFC (Diameter EAP)
# auth_mod = radius_ignore : radius_ignore.conf; # list of attributes to discard or blind copy in answers.


################
#  Accounting  #
################

# Enable the RADIUS/Diameter accounting gateway?
# acct_server_enable = 1;

# The port on which the accounting server listens
# acct_server_port = 1813;

# The IPv4 on which to bind the server, or "disable" if no IPv4 is wanted.
# acct_server_ip4 = 0.0.0.0;

# The IPv6 address to which the server is bound, or "disable"
# acct_server_ipv6 = :: ;

# Store session id used by authentication messages to find the application id for the accounting msg
# acct_app_sessions = 1;

# The Diameter Application to use for the accounting messages with unknown session information
# acct_app_id = 0;


##################
# RADIUS Clients #
##################

# Each RADIUS client must be declared in the form: IP = shared-secret ;
# IP can be ipv4 or ipv6
# shared-secret can be a quoted string, or a list of hexadecimal values.
# examples:
# 192.168.100.1 = "secret key" ; # the shared secret buffer is 0x736563726574206b6579 (length 10 bytes)
# fe00::1 = 73 65 63 72 65 74 20 6b 65 79; # same shared secret as previously
# When a packet is received from an IP not declared here, it is silently discarded.
"Welcome to our mercurial repository"