GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-10 08:46:58 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
2f3d520c85949b3dc64579bfe367977d3d206b96
ocserv/doc/README.radius
Nikos Mavrogiannopoulos 90b0ac7932 radius: added support for Framed-IPv6-Prefix
2014-12-29 20:00:45 +02:00

80 lines
2.4 KiB
Plaintext
Raw Blame History

============================================
Using Radius with ocserv
============================================
For radius support the freeradius-client library is required. Currently
(2014-12-14) the best would be to use the version from the git repository
at: https://github.com/FreeRADIUS/freeradius-client
Freeradius-client uses a configuration file to setup the
server configuration. That is typically found at:
/etc/radiusclient/radiusclient.conf
and is best to copy the default installed by freeradius-client
as radiusclient-ocserv.conf and edit it accordingly.
The important options for ocserv usage are the following:
dictionary /etc/radiusclient/dictionary
servers /etc/radiusclient/servers
The dictionary should contain at least the attributes shown below,
and the servers file should contain the radius server to use.
============================================
Ocserv configuration
============================================
For authentication the following line should be enabled.
#auth = "radius[/path/to/radiusclient.conf,groupconfig]"
Check the ocserv manpage for the meaning of the various options
such as groupconfig.
To enable accounting, set the following option to the time (in
seconds), that accounting information should be reported.
#stats-report-time = 360
============================================
Dictionary
============================================
#
# Ocserv would support the following radious attributes.
#
# Standard attributes
ATTRIBUTE User-Name 1 string
ATTRIBUTE Password 2 string
ATTRIBUTE Framed-Protocol 7 integer
ATTRIBUTE Framed-IP-Address 8 ipaddr
ATTRIBUTE Framed-IP-Netmask 9 ipaddr
ATTRIBUTE Framed-Route 22 string
ATTRIBUTE Acct-Input-Octets 42 integer
ATTRIBUTE Acct-Output-Octets 43 integer
ATTRIBUTE Acct-Session-Id 44 string
ATTRIBUTE Acct-Input-Gigawords 52 integer
ATTRIBUTE Acct-Output-Gigawords 53 integer
# IPv6 attributes
ATTRIBUTE Framed-IPv6-Route 99 string
ATTRIBUTE Framed-IPv6-Prefix 97 ipv6prefix
ATTRIBUTE Framed-IPv6-Address 168 ipv6addr
ATTRIBUTE DNS-Server-IPv6-Address 169 ipv6addr
# Experimental Non Protocol Attributes used by Cistron-Radiusd
#
ATTRIBUTE Group-Name 1030 string
# DNS server extensions
VENDOR Microsoft 311
BEGIN-VENDOR Microsoft
ATTRIBUTE MS-Primary-DNS-Server 28 ipaddr
ATTRIBUTE MS-Secondary-DNS-Server 29 ipaddr
END-VENDOR Microsoft
Reference in New Issue View Git Blame Copy Permalink