diff options
| author | venaas <venaas> | 2007-02-08 09:46:12 +0000 |
|---|---|---|
| committer | venaas <venaas@e88ac4ed-0b26-0410-9574-a7f39faa03bf> | 2007-02-08 09:46:12 +0000 |
| commit | 4ae470172d0295e19806fb3e69b45fb2b581e312 (patch) | |
| tree | 24a6ff45804a18d6e1c51ca11cdc46cdd1f17bf1 | |
| parent | 6c2d661206627bc4f64ba0f7f200ff97642b8048 (diff) | |
config examples
git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@50 e88ac4ed-0b26-0410-9574-a7f39faa03bf
| -rw-r--r-- | clients.conf-example | 9 | ||||
| -rw-r--r-- | radsecproxy.conf-example | 13 | ||||
| -rw-r--r-- | servers.conf-example | 13 |
3 files changed, 35 insertions, 0 deletions
diff --git a/clients.conf-example b/clients.conf-example new file mode 100644 index 0000000..e715770 --- /dev/null +++ b/clients.conf-example @@ -0,0 +1,9 @@ +#Here we list RADIUS clients that we are willing to serve +# +#First field is T or U for TLS or UDP +#Second is address or fqdn, and must match certificate cn for TLS +#Third field is the secret and is optional for TLS + +T 2001:db8::1 +U 127.0.0.1 secret +T radius.example.com verysecret diff --git a/radsecproxy.conf-example b/radsecproxy.conf-example new file mode 100644 index 0000000..be3dc95 --- /dev/null +++ b/radsecproxy.conf-example @@ -0,0 +1,13 @@ +#All possible config options are listed below +# +# You must specify at least one of TLSCACertificateFile or TLSCACertificatePath +# for TLS to work. We always verify peer certificate (both client and server) +#TLSCACertificateFile /etc/cacerts/CA.pem +TLSCACertificatePath /etc/cacerts + +# You must specify the below for TLS, we will always present our certificate +TLSCertificateFile /etc/hostcertkey/host.example.com.pem +TLSCertificateKeyFile /etc/hostcertkey/host.example.com.key.pem + +# You can optionally specify a non-standard UDP port to listen +#UDPServerPort 1814 diff --git a/servers.conf-example b/servers.conf-example new file mode 100644 index 0000000..6556cb5 --- /dev/null +++ b/servers.conf-example @@ -0,0 +1,13 @@ +#Here we list RADIUS servers we will use for different realms +# +#First field is T or U for TLS or UDP +#Second is address or fqdn and optional port, must match certificate cn for TLS +# port is specified using addr:port or domain:port +#Third field is ";" separated list of realms +# * can be used for matching anything (default route) +# realms will be matched in the order specified, using first match +#Fourth field is the secret and is optional for TLS + +T [2001:db8::1]:2283 example.com;com +U 127.0.0.1 eduroam.cc secret +T radius.example.com * verysecret |