/etc/freeradius/3.0/sites-enabled/default

mail@pastecode.io avatar
unknown
plain_text
7 months ago
3.2 kB
34
Indexable
Never
server SITE1 {
listen {
        type = auth
        ipaddr = *
        port = 1812
        limit {
              max_connections = 16
              lifetime = 0
              idle_timeout = 30
        }
}
authorize {
        filter_username
        preprocess
        chap
        mschap
        digest
        suffix
        eap {
                ok = return
}
        files
        sql
        -ldap
        expiration
        logintime
        pap
}
authenticate {
        Auth-Type PAP {
                pap
        }
        Auth-Type CHAP {
                chap
        }
        Auth-Type MS-CHAP {
                mschap
        }
        mschap
        digest
        eap
}
preacct {
        preprocess
        acct_unique
        suffix
        files
}
accounting {
        detail
        unix
        sql
        exec
        attr_filter.accounting_response
}
session {
}
post-auth {
        if (session-state:User-Name && reply:User-Name && request:User-Name && (
reply:User-Name == request:User-Name)) {
                update reply {
                        &User-Name !* ANY
                }
        }
        update {
                &reply: += &session-state:
        }
        sql
        exec
        remove_reply_message_if_eap
        Post-Auth-Type REJECT {
                -sql
                attr_filter.access_reject
                eap
                remove_reply_message_if_eap
        }
        Post-Auth-Type Challenge {
        }

}
pre-proxy {
}
post-proxy {
        eap
}
}

server SITE2 {
listen {
        type = auth
        ipaddr = *
        port = 1814
        limit {
              max_connections = 16
              lifetime = 0
              idle_timeout = 30
        }
}
authorize {
        filter_username
        preprocess
        chap
        mschap
        digest
        suffix
        eap {
                ok = return
}
        files
        sql
        -ldap
        expiration
        logintime
        pap
}
authenticate {
        Auth-Type PAP {
                pap
        }
        Auth-Type CHAP {
                chap
        }
        Auth-Type MS-CHAP {
                mschap
        }
        mschap
        digest
        eap
}
preacct {
        preprocess
        acct_unique
        suffix
        files
}
accounting {
        detail
        unix
        sql
        exec
        attr_filter.accounting_response
}
session {
}
post-auth {
        if (session-state:User-Name && reply:User-Name && request:User-Name && (
reply:User-Name == request:User-Name)) {
                update reply {
                        &User-Name !* ANY
                }
        }
        update {
                &reply: += &session-state:
        }
        sql
        exec
        remove_reply_message_if_eap
        Post-Auth-Type REJECT {
                -sql
                attr_filter.access_reject
                eap
                remove_reply_message_if_eap
        }
        Post-Auth-Type Challenge {
        }

}
pre-proxy {
}
post-proxy {
        eap
}
}