GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-10 00:37:00 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
9dc43045c7d32a275215b9a1b88a3fbd477ee038
ocserv/doc
History

README.radius 

============================================
	Using Radius with ocserv
============================================

For radius support the freeradius-client library is required. The
minimum requirement is version 1.1.7 as released at:
https://github.com/FreeRADIUS/freeradius-client

Freeradius-client uses a configuration file to setup the
server configuration. That is typically found at:
/etc/radiusclient/radiusclient.conf
and is best to copy the default installed by freeradius-client
as radiusclient-ocserv.conf and edit it accordingly.

The important options for ocserv usage are the following:
dictionary 	/etc/radiusclient/dictionary
servers         /etc/radiusclient/servers

The dictionary should contain at least the attributes shown below,
and the servers file should contain the radius server to use.

============================================
	Ocserv configuration
============================================

For authentication the following line should be enabled.
#auth = "radius[/path/to/radiusclient.conf,groupconfig]"

Check the ocserv manpage for the meaning of the various options
such as groupconfig.

To enable accounting, set the following option to the time (in
seconds), that accounting information should be reported.
#stats-report-time = 360


============================================
	Dictionary
============================================

#
# Ocserv would support the following radious attributes.
#

#	Standard attributes
ATTRIBUTE	User-Name		1	string
ATTRIBUTE	Password		2	string
ATTRIBUTE	Framed-Protocol		7	integer
ATTRIBUTE	Framed-IP-Address	8	ipaddr
ATTRIBUTE	Framed-IP-Netmask	9	ipaddr
ATTRIBUTE       Framed-Route            22      string
ATTRIBUTE	Acct-Input-Octets	42	integer
ATTRIBUTE	Acct-Output-Octets	43	integer
ATTRIBUTE	Acct-Session-Id		44	string
ATTRIBUTE	Acct-Input-Gigawords	52	integer
ATTRIBUTE	Acct-Output-Gigawords	53	integer

#	IPv6 attributes
ATTRIBUTE       Framed-IPv6-Route       99      string
ATTRIBUTE	Framed-IPv6-Prefix	97	ipv6prefix
ATTRIBUTE	Framed-IPv6-Address	168	ipv6addr
ATTRIBUTE	DNS-Server-IPv6-Address	169	ipv6addr


#	Experimental Non Protocol Attributes used by Cistron-Radiusd
#
ATTRIBUTE	Group-Name		1030	string

#	DNS server extensions
VENDOR Microsoft 311

BEGIN-VENDOR Microsoft

ATTRIBUTE	MS-Primary-DNS-Server 	28 	ipaddr
ATTRIBUTE 	MS-Secondary-DNS-Server 29 	ipaddr

END-VENDOR Microsoft
Reference in New Issue View Git Blame Copy Permalink