mirror of
https://gitlab.com/openconnect/ocserv.git
synced 2026-02-10 00:37:00 +08:00
tests: updated radius config files for f23
This commit is contained in:
Nikos Mavrogiannopoulos
@@ -11,7 +11,7 @@ test Cleartext-Password := "test"
|
||||
Framed-IP-Address = 192.168.55.190,
|
||||
Framed-IP-Netmask = 255.255.255.0,
|
||||
Framed-Routing = Broadcast-Listen,
|
||||
Framed-MTU = 1500,
|
||||
Framed-MTU = 1500
|
||||
|
||||
test2 Cleartext-Password := "test2"
|
||||
Service-Type = Framed-User,
|
||||
@@ -21,7 +21,7 @@ test2 Cleartext-Password := "test2"
|
||||
Framed-IP-Address = 192.168.1.191,
|
||||
Framed-IP-Netmask = 255.255.255.0,
|
||||
Framed-Routing = Broadcast-Listen,
|
||||
Framed-MTU = 1500,
|
||||
Framed-MTU = 1500
|
||||
|
||||
test3 Cleartext-Password := "test3"
|
||||
Service-Type = Framed-User,
|
||||
@@ -31,7 +31,7 @@ test3 Cleartext-Password := "test3"
|
||||
Framed-IP-Address = 192.168.1.192,
|
||||
Framed-IP-Netmask = 255.255.255.0,
|
||||
Framed-Routing = Broadcast-Listen,
|
||||
Framed-MTU = 1500,
|
||||
Framed-MTU = 1500
|
||||
|
||||
test4 Cleartext-Password := "test4"
|
||||
Service-Type = Framed-User,
|
||||
@@ -41,7 +41,7 @@ test4 Cleartext-Password := "test4"
|
||||
Framed-IP-Address = 192.168.1.192,
|
||||
Framed-IP-Netmask = 255.255.255.0,
|
||||
Framed-Routing = Broadcast-Listen,
|
||||
Framed-MTU = 1500,
|
||||
Framed-MTU = 1500
|
||||
|
||||
test5 Cleartext-Password := "test5"
|
||||
Service-Type = Framed-User,
|
||||
@@ -51,7 +51,7 @@ test5 Cleartext-Password := "test5"
|
||||
Framed-IP-Address = 192.168.1.192,
|
||||
Framed-IP-Netmask = 255.255.255.0,
|
||||
Framed-Routing = Broadcast-Listen,
|
||||
Framed-MTU = 1500,
|
||||
Framed-MTU = 1500
|
||||
|
||||
test6 Cleartext-Password := "test6"
|
||||
Service-Type = Framed-User,
|
||||
@@ -61,7 +61,7 @@ test6 Cleartext-Password := "test6"
|
||||
Framed-IP-Address = 192.168.1.192,
|
||||
Framed-IP-Netmask = 255.255.255.0,
|
||||
Framed-Routing = Broadcast-Listen,
|
||||
Framed-MTU = 1500,
|
||||
Framed-MTU = 1500
|
||||
|
||||
test7 Cleartext-Password := "test7"
|
||||
Service-Type = Framed-User,
|
||||
@@ -71,7 +71,7 @@ test7 Cleartext-Password := "test7"
|
||||
Framed-IP-Address = 192.168.1.192,
|
||||
Framed-IP-Netmask = 255.255.255.0,
|
||||
Framed-Routing = Broadcast-Listen,
|
||||
Framed-MTU = 1500,
|
||||
Framed-MTU = 1500
|
||||
|
||||
test8 Cleartext-Password := "test8"
|
||||
Service-Type = Framed-User,
|
||||
@@ -81,7 +81,7 @@ test8 Cleartext-Password := "test8"
|
||||
Framed-IP-Address = 192.168.1.192,
|
||||
Framed-IP-Netmask = 255.255.255.0,
|
||||
Framed-Routing = Broadcast-Listen,
|
||||
Framed-MTU = 1500,
|
||||
Framed-MTU = 1500
|
||||
|
||||
testtime Cleartext-Password := "test"
|
||||
Service-Type = Framed-User,
|
||||
@@ -91,5 +91,5 @@ testtime Cleartext-Password := "test"
|
||||
Framed-IP-Netmask = 255.255.255.0,
|
||||
Framed-MTU = 1500,
|
||||
Session-Timeout = 120,
|
||||
Acct-Interim-Interval = 60,
|
||||
Acct-Interim-Interval = 60
|
||||
|
||||
|
||||
@@ -172,6 +172,148 @@ client localhost {
|
||||
# coa_server = coa
|
||||
}
|
||||
|
||||
client localhost2 {
|
||||
# Allowed values are:
|
||||
# dotted quad (1.2.3.4)
|
||||
# hostname (radius.example.com)
|
||||
|
||||
ipv6addr = ::1
|
||||
|
||||
#
|
||||
# A note on DNS: We STRONGLY recommend using IP addresses
|
||||
# rather than host names. Using host names means that the
|
||||
# server will do DNS lookups when it starts, making it
|
||||
# dependent on DNS. i.e. If anything goes wrong with DNS,
|
||||
# the server won't start!
|
||||
#
|
||||
# The server also looks up the IP address from DNS once, and
|
||||
# only once, when it starts. If the DNS record is later
|
||||
# updated, the server WILL NOT see that update.
|
||||
#
|
||||
|
||||
# One client definition can be applied to an entire network.
|
||||
# e.g. 127/8 should be defined with "ipaddr = 127.0.0.0" and
|
||||
# "netmask = 8"
|
||||
#
|
||||
# If not specified, the default netmask is 32 (i.e. /32)
|
||||
#
|
||||
# We do NOT recommend using anything other than 32. There
|
||||
# are usually other, better ways to achieve the same goal.
|
||||
# Using netmasks of other than 32 can cause security issues.
|
||||
#
|
||||
# You can specify overlapping networks (127/8 and 127.0/16)
|
||||
# In that case, the smallest possible network will be used
|
||||
# as the "best match" for the client.
|
||||
#
|
||||
# Clients can also be defined dynamically at run time, based
|
||||
# on any criteria. e.g. SQL lookups, keying off of NAS-Identifier,
|
||||
# etc.
|
||||
# See raddb/sites-available/dynamic-clients for details.
|
||||
#
|
||||
|
||||
# netmask = 32
|
||||
|
||||
#
|
||||
# The shared secret use to "encrypt" and "sign" packets between
|
||||
# the NAS and FreeRADIUS. You MUST change this secret from the
|
||||
# default, otherwise it's not a secret any more!
|
||||
#
|
||||
# The secret can be any string, up to 8k characters in length.
|
||||
#
|
||||
# Control codes can be entered vi octal encoding,
|
||||
# e.g. "\101\102" == "AB"
|
||||
# Quotation marks can be entered by escaping them,
|
||||
# e.g. "foo\"bar"
|
||||
#
|
||||
# A note on security: The security of the RADIUS protocol
|
||||
# depends COMPLETELY on this secret! We recommend using a
|
||||
# shared secret that is composed of:
|
||||
#
|
||||
# upper case letters
|
||||
# lower case letters
|
||||
# numbers
|
||||
#
|
||||
# And is at LEAST 8 characters long, preferably 16 characters in
|
||||
# length. The secret MUST be random, and should not be words,
|
||||
# phrase, or anything else that is recognizable.
|
||||
#
|
||||
# The default secret below is only for testing, and should
|
||||
# not be used in any real environment.
|
||||
#
|
||||
secret = testing123
|
||||
|
||||
#
|
||||
# Old-style clients do not send a Message-Authenticator
|
||||
# in an Access-Request. RFC 5080 suggests that all clients
|
||||
# SHOULD include it in an Access-Request. The configuration
|
||||
# item below allows the server to require it. If a client
|
||||
# is required to include a Message-Authenticator and it does
|
||||
# not, then the packet will be silently discarded.
|
||||
#
|
||||
# allowed values: yes, no
|
||||
require_message_authenticator = no
|
||||
|
||||
#
|
||||
# The short name is used as an alias for the fully qualified
|
||||
# domain name, or the IP address.
|
||||
#
|
||||
# It is accepted for compatibility with 1.x, but it is no
|
||||
# longer necessary in 2.0
|
||||
#
|
||||
# shortname = localhost
|
||||
|
||||
#
|
||||
# the following three fields are optional, but may be used by
|
||||
# checkrad.pl for simultaneous use checks
|
||||
#
|
||||
|
||||
#
|
||||
# The nastype tells 'checkrad.pl' which NAS-specific method to
|
||||
# use to query the NAS for simultaneous use.
|
||||
#
|
||||
# Permitted NAS types are:
|
||||
#
|
||||
# cisco
|
||||
# computone
|
||||
# livingston
|
||||
# juniper
|
||||
# max40xx
|
||||
# multitech
|
||||
# netserver
|
||||
# pathras
|
||||
# patton
|
||||
# portslave
|
||||
# tc
|
||||
# usrhiper
|
||||
# other # for all other types
|
||||
|
||||
#
|
||||
nas_type = other # localhost isn't usually a NAS...
|
||||
|
||||
#
|
||||
# The following two configurations are for future use.
|
||||
# The 'naspasswd' file is currently used to store the NAS
|
||||
# login name and password, which is used by checkrad.pl
|
||||
# when querying the NAS for simultaneous use.
|
||||
#
|
||||
# login = !root
|
||||
# password = someadminpas
|
||||
|
||||
#
|
||||
# As of 2.0, clients can also be tied to a virtual server.
|
||||
# This is done by setting the "virtual_server" configuration
|
||||
# item, as in the example below.
|
||||
#
|
||||
# virtual_server = home1
|
||||
|
||||
#
|
||||
# A pointer to the "home_server_pool" OR a "home_server"
|
||||
# section that contains the CoA configuration for this
|
||||
# client. For an example of a coa home server or pool,
|
||||
# see raddb/sites-available/originate-coa
|
||||
# coa_server = coa
|
||||
}
|
||||
|
||||
# IPv6 Client
|
||||
#client ::1 {
|
||||
# secret = testing123
|
||||
|
||||
Reference in New Issue
Block a user