diff options
Diffstat (limited to 'data/templates/accel-ppp/config_chap_secrets_radius.j2')
| -rw-r--r-- | data/templates/accel-ppp/config_chap_secrets_radius.j2 | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/data/templates/accel-ppp/config_chap_secrets_radius.j2 b/data/templates/accel-ppp/config_chap_secrets_radius.j2 new file mode 100644 index 0000000..e343ce4 --- /dev/null +++ b/data/templates/accel-ppp/config_chap_secrets_radius.j2 @@ -0,0 +1,58 @@ +{% if authentication.mode is vyos_defined('local') %} +[chap-secrets] +chap-secrets={{ chap_secrets_file }} +{% elif authentication.mode is vyos_defined('radius') %} +[radius] +verbose=1 +{% for server, options in authentication.radius.server.items() if not options.disable is vyos_defined %} +{% set _server_cfg = "server=" %} +{% set _server_cfg = _server_cfg + server %} +{% set _server_cfg = _server_cfg + "," + options.key %} +{% set _server_cfg = _server_cfg + ",auth-port=" + options.port %} +{% set _server_cfg = _server_cfg + ",acct-port=" + options.acct_port %} +{% set _server_cfg = _server_cfg + ",req-limit=0" %} +{% set _server_cfg = _server_cfg + ",fail-time=" + options.fail_time %} +{% if options.priority is vyos_defined %} +{% set _server_cfg = _server_cfg + ",weight=" + options.priority %} +{% endif %} +{% if options.backup is vyos_defined %} +{% set _server_cfg = _server_cfg + ",backup" %} +{% endif %} +{{ _server_cfg }} +{% endfor %} +{% if authentication.radius.accounting_interim_interval is vyos_defined %} +acct-interim-interval={{ authentication.radius.accounting_interim_interval }} +{% endif %} +{% if authentication.radius.acct_interim_jitter is vyos_defined %} +acct-interim-jitter={{ authentication.radius.acct_interim_jitter }} +{% endif %} +acct-timeout={{ authentication.radius.acct_timeout }} +timeout={{ authentication.radius.timeout }} +max-try={{ authentication.radius.max_try }} +{% if authentication.radius.nas_identifier is vyos_defined %} +nas-identifier={{ authentication.radius.nas_identifier }} +{% endif %} +{% if authentication.radius.nas_ip_address is vyos_defined %} +nas-ip-address={{ authentication.radius.nas_ip_address }} +{% endif %} +{% if authentication.radius.source_address is vyos_defined %} +bind={{ authentication.radius.source_address }} +{% endif %} +{% if authentication.radius.dynamic_author.server is vyos_defined %} +dae-server={{ authentication.radius.dynamic_author.server }}:{{ authentication.radius.dynamic_author.port }},{{ authentication.radius.dynamic_author.key }} +{% endif %} +{% endif %} +{# Both chap-secrets and radius block required the gw-ip-address #} +{% if authentication.mode is vyos_defined('local') or authentication.mode is vyos_defined('radius') %} +{% if gateway_address is vyos_defined %} +{% if server_type == 'ipoe' %} +{% for gw in gateway_address %} +{% set host_address, _ = gw.split('/') %} +gw-ip-address={{ host_address }} +{% endfor %} +{% else %} +gw-ip-address={{ gateway_address }} +{% endif %} +{% endif %} +{% endif %} + |