blob: c94e75a23268af4f37bf452f8f4b1426f32e818a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
{% if authentication.mode is defined and authentication.mode == 'local' %}
[chap-secrets]
chap-secrets={{ chap_secrets_file }}
{% elif authentication.mode is defined and authentication.mode == 'radius' %}
[radius]
verbose=1
{% for server, options in authentication.radius.server.items() if not options.disable is defined %}
server={{ server }},{{ options.key }},auth-port={{ options.port }},acct-port={{ options.acct_port }},req-limit=0,fail-time={{ options.fail_time }}
{% endfor %}
{% if authentication.radius.acct_interim_jitter is defined and authentication.radius.acct_interim_jitter is not none %}
acct-interim-jitter={{ authentication.radius.acct_interim_jitter }}
{% endif %}
acct-timeout={{ authentication.radius.acct_timeout }}
timeout={{ authentication.radius.timeout }}
max-try={{ authentication.radius.max_try }}
{% if authentication.radius.nas_identifier is defined and authentication.radius.nas_identifier is not none %}
nas-identifier={{ authentication.radius.nas_identifier }}
{% endif %}
{% if authentication.radius.nas_ip_address is defined and authentication.radius.nas_ip_address is not none %}
nas-ip-address={{ authentication.radius.nas_ip_address }}
{% endif %}
{% if authentication.radius.source_address is defined and authentication.radius.source_address is not none %}
bind={{ authentication.radius.source_address }}
{% endif %}
{% if authentication.radius.called_sid_format is defined and authentication.radius.called_sid_format is not none %}
called-sid={{ authentication.radius.called_sid_format }}
{% endif %}
{% if authentication.radius.dynamic_author.server is defined and authentication.radius.dynamic_author.server is not none %}
dae-server={{ authentication.radius.dynamic_author.server }}:{{ authentication.radius.dynamic_author.port }},{{ authentication.radius.dynamic_author.key }}
{% endif -%}
{% endif %}
{# Both chap-secrets and radius block required the gw-ip-address #}
{% if gateway_address is defined and gateway_address is not none %}
gw-ip-address={{ gateway_address }}
{% endif %}
|