92 lines
1.9 KiB
Django/Jinja
92 lines
1.9 KiB
Django/Jinja
{{ ansible_managed | comment }}
|
|
|
|
server outer-aurore {
|
|
|
|
listen {
|
|
type = auth
|
|
ipaddr = *
|
|
port = 0
|
|
limit {
|
|
max_connections = 16
|
|
lifetime = 0
|
|
idle_timeout = 30
|
|
}
|
|
}
|
|
|
|
listen {
|
|
type = auth
|
|
ipv6addr = *
|
|
port = 0
|
|
limit {
|
|
max_connections = 16
|
|
lifetime = 0
|
|
idle_timeout = 30
|
|
}
|
|
}
|
|
|
|
authorize {
|
|
rewrite_calling_station_id
|
|
rewrite_called_station_id
|
|
linelog_outer_authz_user
|
|
filter_username
|
|
split_username_nai
|
|
if (!&Stripped-User-Domain || &Stripped-User-Domain == "auro.re") {
|
|
eap
|
|
} else {
|
|
update control {
|
|
Proxy-To-Realm := "FEDEREZ"
|
|
}
|
|
}
|
|
}
|
|
|
|
authenticate {
|
|
eap
|
|
}
|
|
|
|
preacct {
|
|
}
|
|
|
|
accounting {
|
|
}
|
|
|
|
post-auth {
|
|
eap
|
|
if (&session-state:User-Name && &reply:User-Name \
|
|
&& &request:User-Name \
|
|
&& (&reply:User-Name == &request:User-Name)) {
|
|
update reply {
|
|
User-Name !* ANY
|
|
}
|
|
}
|
|
update reply {
|
|
Tunnel-Medium-Type := IEEE-802
|
|
Tunnel-Type := VLAN
|
|
}
|
|
if (&session-state:Tunnel-Private-Group-ID) {
|
|
update reply {
|
|
Tunnel-Private-Group-ID := &session-state:Tunnel-Private-Group-ID
|
|
}
|
|
} else {
|
|
update reply {
|
|
Tunnel-Private-Group-ID := {{ radiusd__guest_vlan | int }}
|
|
}
|
|
}
|
|
Post-Auth-Type reject {
|
|
attr_filter.access_reject
|
|
eap
|
|
remove_reply_message_if_eap
|
|
linelog_outer_postauth
|
|
}
|
|
remove_reply_message_if_eap
|
|
linelog_outer_postauth
|
|
}
|
|
|
|
pre-proxy {
|
|
}
|
|
|
|
post-proxy {
|
|
split_username_nai
|
|
eap
|
|
}
|
|
|
|
}
|