Mercurial > hg > waaad
changeset 340:744a4d868388
Updated radius_gw documentation (preview)
author | Sebastien Decugis <sdecugis@nict.go.jp> |
---|---|
date | Thu, 02 Apr 2009 11:15:39 +0900 |
parents | 2b62cd08cf02 |
children | f235e221290b |
files | doc/radius_gw.conf.sample |
diffstat | 1 files changed, 17 insertions(+), 5 deletions(-) [+] |
line wrap: on
line diff
--- a/doc/radius_gw.conf.sample Wed Apr 01 16:32:10 2009 +0900 +++ b/doc/radius_gw.conf.sample Thu Apr 02 11:15:39 2009 +0900 @@ -31,11 +31,12 @@ # auth_server_ipv6 = :: ; # Enabling the auth server is not sufficient, one must provide additional modules -# that will convert the specific RADIUS messages depending on application. -# When a RADIUS message is received and no module is available to handle it, it is logged and -# and an error is returned. -# auth_mod = rad_eap : rad_eap.conf ; -# auth_mod = rad_pap ; +# that will convert the specific RADIUS messages / attributes depending on application. +# When a RADIUS message is received and no module is available to handle it / one of its attributes, +# it is logged and an error message is returned. +# auth_mod = radius_2865 ; # RADIUS base RFC, PAP / CHAP authentication (NASREQ) +# auth_mod = radius_3579 : radius_eap.conf ; # RADIUS EAP RFC (Diameter EAP) +# auth_mod = radius_ignore : radius_ignore.conf; # list of attributes to discards / blind copy in answers. ################ @@ -61,3 +62,14 @@ # acct_app_id = 0; +################## +# RADIUS Clients # +################## + +# Each RADIUS client must be declared in the form: IP = shared-secret ; +# IP can be ipv4 or ipv6 +# shared-secret can be a quoted string, or a list of hexadecimal values. +# examples: +# 192.168.100.1 = "secret key" ; # the shared secret buffer is 0x736563726574206b6579 (length 10 bytes) +# fe00::1 = 73 65 63 72 65 74 20 6b 65 79; # same shared secret as previously +# When a packet is received from an IP not declared here, it is silently discarded.