T4958: ocserv: openconnect: adds support for configuring RADIUS accounting

Adds CLI configuration options to configure RADIUS accounting for OpenConnect VPN sessions. This functionality cannot be used outside of the RADIUS OpenConnect VPN authentication mode
author: Jamie Austin <jamiea@opusv.com.au> 2023-01-27 17:32:29 +1100
committer: Jamie Austin <jamieaustinprogramming@gmail.com> 2023-01-28 15:11:07 +1100
commit: e61f7abdb2136d8dfbf73729dbc14c3b5ab2ecba (patch)
tree: f045fe1092ecbb3d5d8366dfb647e15de8572d59 /data/templates/ocserv/ocserv_config.j2
parent: e6023a3c710a84c12f9ce51d41af21120bb44e5a (diff)
download: vyos-1x-e61f7abdb2136d8dfbf73729dbc14c3b5ab2ecba.tar.gz
vyos-1x-e61f7abdb2136d8dfbf73729dbc14c3b5ab2ecba.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/data/templates/ocserv/ocserv_config.j2 b/data/templates/ocserv/ocserv_config.j2
index 3194354e6..aa8897703 100644
--- a/data/templates/ocserv/ocserv_config.j2
+++ b/data/templates/ocserv/ocserv_config.j2
@@ -10,6 +10,10 @@ udp-port = {{ listen_ports.udp }}
 run-as-user = nobody
 run-as-group = daemon
 
+{% if "radius" in accounting.mode %}
+acct = "radius [config=/run/ocserv/radiusclient.conf]"
+{% endif %}
+
 {% if "radius" in authentication.mode %}
 auth = "radius [config=/run/ocserv/radiusclient.conf{{ ',groupconfig=true' if authentication.radius.groupconfig is vyos_defined else '' }}]"
 {% elif "local" in authentication.mode %}
author	Jamie Austin <jamiea@opusv.com.au>	2023-01-27 17:32:29 +1100
committer	Jamie Austin <jamieaustinprogramming@gmail.com>	2023-01-28 15:11:07 +1100
commit	e61f7abdb2136d8dfbf73729dbc14c3b5ab2ecba (patch)
tree	f045fe1092ecbb3d5d8366dfb647e15de8572d59 /data/templates/ocserv/ocserv_config.j2
parent	e6023a3c710a84c12f9ce51d41af21120bb44e5a (diff)
download	vyos-1x-e61f7abdb2136d8dfbf73729dbc14c3b5ab2ecba.tar.gz vyos-1x-e61f7abdb2136d8dfbf73729dbc14c3b5ab2ecba.zip