summaryrefslogtreecommitdiff
path: root/conf/plugins/eap-radius.conf
diff options
context:
space:
mode:
Diffstat (limited to 'conf/plugins/eap-radius.conf')
-rw-r--r--conf/plugins/eap-radius.conf86
1 files changed, 86 insertions, 0 deletions
diff --git a/conf/plugins/eap-radius.conf b/conf/plugins/eap-radius.conf
new file mode 100644
index 000000000..53023b81e
--- /dev/null
+++ b/conf/plugins/eap-radius.conf
@@ -0,0 +1,86 @@
+eap-radius {
+
+ # Send RADIUS accounting information to RADIUS servers.
+ # accounting = no
+
+ # If enabled, accounting is disabled unless an IKE_SA has at least one
+ # virtual IP.
+ # accounting_requires_vip = no
+
+ # Use class attributes in RADIUS-Accept messages as group membership
+ # information.
+ # class_group = no
+
+ # Closes all IKE_SAs if communication with the RADIUS server times out. If
+ # it is not set only the current IKE_SA is closed.
+ # close_all_on_timeout = no
+
+ # Send EAP-Start instead of EAP-Identity to start RADIUS conversation.
+ # eap_start = no
+
+ # Use filter_id attribute as group membership information.
+ # filter_id = no
+
+ # Prefix to EAP-Identity, some AAA servers use a IMSI prefix to select the
+ # EAP method.
+ # id_prefix =
+
+ # Whether to load the plugin. Can also be an integer to increase the
+ # priority of this plugin.
+ load = yes
+
+ # NAS-Identifier to include in RADIUS messages.
+ # nas_identifier = strongSwan
+
+ # Port of RADIUS server (authentication).
+ # port = 1812
+
+ # Shared secret between RADIUS and NAS. If set, make sure to adjust the
+ # permissions of the config file accordingly.
+ # secret =
+
+ # IP/Hostname of RADIUS server.
+ # server =
+
+ # Number of sockets (ports) to use, increase for high load.
+ # sockets = 1
+
+ dae {
+
+ # Enables support for the Dynamic Authorization Extension (RFC 5176).
+ # enable = no
+
+ # Address to listen for DAE messages from the RADIUS server.
+ # listen = 0.0.0.0
+
+ # Port to listen for DAE requests.
+ # port = 3799
+
+ # Shared secret used to verify/sign DAE messages. If set, make sure to
+ # adjust the permissions of the config file accordingly.
+ # secret =
+
+ }
+
+ forward {
+
+ # RADIUS attributes to be forwarded from IKEv2 to RADIUS.
+ # ike_to_radius =
+
+ # Same as ike_to_radius but from RADIUS to IKEv2.
+ # radius_to_ike =
+
+ }
+
+ # Section to specify multiple RADIUS servers.
+ servers {
+
+ }
+
+ # Section to configure multiple XAuth authentication rounds via RADIUS.
+ xauth {
+
+ }
+
+}
+
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-25 17:17:25 +0000