radius.conf.5 (213573) | radius.conf.5 (243956) |
---|---|
1.\" Copyright 1998 Juniper Networks, Inc. 2.\" All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. --- 8 unchanged lines hidden (view full) --- 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" | 1.\" Copyright 1998 Juniper Networks, Inc. 2.\" All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. --- 8 unchanged lines hidden (view full) --- 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" |
25.\" $FreeBSD: head/lib/libradius/radius.conf.5 213573 2010-10-08 12:40:16Z uqs $ | 25.\" $FreeBSD: head/lib/libradius/radius.conf.5 243956 2012-12-06 19:00:37Z sem $ |
26.\" 27.Dd October 30, 1999 28.Dt RADIUS.CONF 5 29.Os 30.Sh NAME 31.Nm radius.conf 32.Nd RADIUS client configuration file 33.Sh SYNOPSIS --- 5 unchanged lines hidden (view full) --- 39It is parsed by 40.Xr rad_config 3 . 41The file contains one or more lines of text, each describing a 42single RADIUS server which will be used by the library. 43Leading 44white space is ignored, as are empty lines and lines containing 45only comments. 46.Pp | 26.\" 27.Dd October 30, 1999 28.Dt RADIUS.CONF 5 29.Os 30.Sh NAME 31.Nm radius.conf 32.Nd RADIUS client configuration file 33.Sh SYNOPSIS --- 5 unchanged lines hidden (view full) --- 39It is parsed by 40.Xr rad_config 3 . 41The file contains one or more lines of text, each describing a 42single RADIUS server which will be used by the library. 43Leading 44white space is ignored, as are empty lines and lines containing 45only comments. 46.Pp |
47A RADIUS server is described by three to five fields on a line: | 47A RADIUS server is described by three to seven fields on a line: |
48.Pp 49.Bl -item -offset indent -compact 50.It 51Service type 52.It 53Server host 54.It 55Shared secret 56.It 57Timeout 58.It 59Retries | 48.Pp 49.Bl -item -offset indent -compact 50.It 51Service type 52.It 53Server host 54.It 55Shared secret 56.It 57Timeout 58.It 59Retries |
60.It 61Dead time 62.It 63Bind address |
|
60.El 61.Pp 62The fields are separated by white space. 63The 64.Ql # 65character at the beginning of a field begins a comment, which extends 66to the end of the line. 67A field may be enclosed in double quotes, --- 66 unchanged lines hidden (view full) --- 134.Pp 135The fifth field contains a decimal integer specifying the maximum 136number of attempts that will be made to authenticate with the server 137before giving up. 138If omitted, it defaults to 3 attempts. 139Note, 140this is the total number of attempts and not the number of retries. 141.Pp | 64.El 65.Pp 66The fields are separated by white space. 67The 68.Ql # 69character at the beginning of a field begins a comment, which extends 70to the end of the line. 71A field may be enclosed in double quotes, --- 66 unchanged lines hidden (view full) --- 138.Pp 139The fifth field contains a decimal integer specifying the maximum 140number of attempts that will be made to authenticate with the server 141before giving up. 142If omitted, it defaults to 3 attempts. 143Note, 144this is the total number of attempts and not the number of retries. 145.Pp |
146The sixth field contains a decimal integer specifying a time interval 147in seconds when the server will not requested if it was inaccessible 148on the last try. 0 means ask always. 149.Pp 150The seventh field contains an IP address on multihomed host. All 151requests will be binded to this IP. 152.Pp |
|
142Up to 10 RADIUS servers may be specified for each service type. 143The servers are tried in 144round-robin fashion, until a valid response is received or the 145maximum number of tries has been reached for all servers. 146.Pp 147The standard location for this file is 148.Pa /etc/radius.conf . 149But an alternate pathname may be specified in the call to --- 6 unchanged lines hidden (view full) --- 156.Bd -literal 157# A simple entry using all the defaults: 158acct radius1.domain.com OurLittleSecret 159 160# A server still using the obsolete RADIUS port, with increased 161# timeout and maximum tries: 162auth auth.domain.com:1645 "I can't see you" 5 4 163 | 153Up to 10 RADIUS servers may be specified for each service type. 154The servers are tried in 155round-robin fashion, until a valid response is received or the 156maximum number of tries has been reached for all servers. 157.Pp 158The standard location for this file is 159.Pa /etc/radius.conf . 160But an alternate pathname may be specified in the call to --- 6 unchanged lines hidden (view full) --- 167.Bd -literal 168# A simple entry using all the defaults: 169acct radius1.domain.com OurLittleSecret 170 171# A server still using the obsolete RADIUS port, with increased 172# timeout and maximum tries: 173auth auth.domain.com:1645 "I can't see you" 5 4 174 |
175# As above but set dead time and bind address 176auth auth.domain.com:1645 "I can't see you" 5 4 60 192.168.1.8 177 |
|
164# A server specified by its IP address: 165auth 192.168.27.81 $X*#..38947ax-+= 166.Ed 167.Sh SEE ALSO 168.Xr libradius 3 169.Rs 170.%A C. Rigney, et al 171.%T "Remote Authentication Dial In User Service (RADIUS)" --- 13 unchanged lines hidden --- | 178# A server specified by its IP address: 179auth 192.168.27.81 $X*#..38947ax-+= 180.Ed 181.Sh SEE ALSO 182.Xr libradius 3 183.Rs 184.%A C. Rigney, et al 185.%T "Remote Authentication Dial In User Service (RADIUS)" --- 13 unchanged lines hidden --- |