Welcome, guest! Login / Register - Why register?
Psst.. new poll here.
[email protected] web/email now available. Want one? Go here.
Cannot use outlook/hotmail/live here to register as they blocking our mail servers. #microsoftdeez
Obey the Epel!

Paste

Pasted by registered user bmalynovytch ( 12 years ago )
#
#

prefix = /usr
exec_prefix = /usr
sysconfdir = /etc
localstatedir = /var
sbindir = /usr/sbin
logdir = ${localstatedir}/log/radius
raddbdir = ${sysconfdir}/raddb
radacctdir = ${logdir}/radacct
name = radiusd
confdir = ${raddbdir}
run_dir = ${localstatedir}/run/${name}
db_dir = ${raddbdir}
log_file = ${logdir}/radius.log
libdir = /usr/lib64/freeradius
pidfile = ${run_dir}/${name}.pid
user = radiusd
group = radiusd
delete_blocked_requests = no
max_request_time = 30
cleanup_delay = 5
max_requests = 1024
listen {
 type = auth
 ipaddr = *
 port = 0
}
listen {
 ipaddr = *
 port = 0
 type = acct
}
hostname_lookups = no
allow_core_dumps = no
regular_expressions = yes
extended_expressions = yes
log {
 destination = files
 file = ${logdir}/radius.log
 syslog_facility = daemon
 stripped_names = no
 auth = yes
 auth_badpass = no
 auth_goodpass = no
}
checkrad = ${sbindir}/checkrad
security {
 max_attributes = 200
 reject_delay = 1
 status_server = yes
}
client wap200 {
        ipaddr = X.X.X.X
        proto = *
        secret = "..." # Same secret
        require_message_authenticator = no
        nastype = other 
 shortname = wap200
}
client dgs-1210-48 {
        ipaddr = X.X.X.Y
        proto = *
        secret = "..." # Same secret
        require_message_authenticator = no
        nastype = other 
 shortname = dgs-1210-48
}
thread pool {
 start_servers = 5
 max_servers = 32
 min_spare_servers = 3
 max_spare_servers = 10
 max_requests_per_server = 0
}
modules {
 pap{
  auto_header = yes 
 } 
 
 files{
  usersfile = ${confdir}/users
  compat = no 
 } 
 
 eap {
  default_eap_type = tls
  timer_expire     = 300
  ignore_unknown_eap_types = no
  cisco_accounting_username_bug = no
  max_sessions = 4096
  tls {
   certdir = ${confdir}/certs
   cadir = ${confdir}/certs
   private_key_password = ...
   private_key_file = ${certdir}/server.key
   certificate_file = ${certdir}/server.pem
   CA_file = ${cadir}/ca.pem
   dh_file = ${certdir}/dh
   random_file = ${certdir}/random
   check_cert_cn = %{User-Name}
   cipher_list = "DEFAULT"
   check_crl = no
   #cache {
   #      enable = no
   #      max_entries = 255
   #}
   #verify {
   #}
  }
 }
}
authorize { 
          files
          eap
   pap
}
authenticate {
        Auth-Type PAP {
         pap
        }
 eap
 files
}

 

Revise this Paste

Your Name: Code Language: