ansible/roles/freeradius/templates/sites-available/outer-aurore.j2

72 lines
1.2 KiB
Text
Raw Normal View History

{{ ansible_managed | comment }}
2023-06-25 00:27:08 +02:00
server outer-aurore {
listen {
type = auth
ipaddr = *
port = 0
limit {
max_connections = 16
lifetime = 0
idle_timeout = 30
}
}
listen {
type = auth
ipv6addr = *
port = 0
limit {
max_connections = 16
lifetime = 0
idle_timeout = 30
}
}
authorize {
filter_username # TODO
suffix
eap
}
authenticate {
eap
}
preacct {
}
accounting {
}
post-auth {
if (session-state:User-Name && reply:User-Name \
&& request:User-Name \
&& (reply:User-Name == request:User-Name)) {
update reply {
&User-Name !* ANY
}
}
update {
&reply: += &session-state:
}
Post-Auth-Type REJECT {
attr_filter.access_reject
eap
remove_reply_message_if_eap
2023-06-25 00:27:08 +02:00
log_auth_outer
}
remove_reply_message_if_eap
2023-06-25 00:27:08 +02:00
log_auth_outer
}
pre-proxy {
}
post-proxy {
eap
}
}