blob: fad8e7dcbc00b9513bcbb4abec797698be62e848 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
# Automatically generated by system-login.py
# RADIUS configuration file
{% if radius is defined and radius is not none %}
{# RADIUS IPv6 source address must be specified in [] notation #}
{% set source_address = namespace() %}
{% if radius.source_address is defined and radius.source_address is not none %}
{% for address in radius.source_address %}
{% if address | is_ipv4 %}
{% set source_address.ipv4 = address %}
{% elif address | is_ipv6 %}
{% set source_address.ipv6 = "[" + address + "]" %}
{% endif %}
{% endfor %}
{% endif %}
{% if radius.server is defined and radius.server is not none %}
# server[:port] shared_secret timeout source_ip
{# .items() returns a tuple of two elements: key and value. 1 relates to the 2nd element i.e. the value and .priority relates to the key from the internal dict #}
{% for server, options in radius.server.items() | sort(attribute='1.priority') if not options.disabled %}
{# RADIUS IPv6 servers must be specified in [] notation #}
{% if server | is_ipv4 %}
{{ server }}:{{ options.port }} {{ "%-25s" | format(options.key) }} {{ "%-10s" | format(options.timeout) }} {{ source_address.ipv4 if source_address.ipv4 is defined }}
{% else %}
[{{ server }}]:{{ options.port }} {{ "%-25s" | format(options.key) }} {{ "%-10s" | format(options.timeout) }} {{ source_address.ipv6 if source_address.ipv6 is defined }}
{% endif %}
{% endfor %}
{% endif %}
priv-lvl 15
mapped_priv_user radius_priv_user
{% if radius.vrf is defined and radius.vrf is not none %}
vrf-name {{ radius.vrf }}
{% endif %}
{% endif %}
|
