dynamic VLAN assignment w/ mschapv2 against AD and LDAP
Alexander Clouter
alex at digriz.org.uk
Mon Jan 24 22:38:08 CET 2011
schilling <schilling2006 at gmail.com> wrote:
>
> I am trying to play with your configuration, basically I have a
> virtual server call auth as your example, and modified my eap.conf for
> peap to use auth.
>
> what's the config:local.MY.realm? My debug showed
>
Phil pretty much covered it (and in a neater manner I was not aware
could be used, but it is obvious now seeing it...), I put all the 'local
site' specific details into a single configuration file (including
SQL/LDAP binding credentials) so that if I want to give someone a copy
of my config, ll I have to really do is trim the 'local' file and know I
have not leaked anything important.
For example, just after '$INCLUDE clients.conf' in the main radiusd.conf
file I add '$INCLUDE LOCAL/local.conf' and that LOCAL/local.conf file
is:
----
local.MY.hostname = iodine.it.soas.ac.uk
local.MY.addr.v6 = 2001:630:1b:6004:168c:9d91:127f:bb0c
local.MY.addr.v4 = 212.219.138.70
local.MY.realm = soas.ac.uk
local.addr.v6 = 2001:630:1b:1001:624a::15bb
local.addr.v4 = 193.63.73.37
local.test.username = test-username
local.test.password = [ahem]
local.ldap.server.1 = ldap1.soas.ac.uk
local.ldap.server.2 = ldap2.soas.ac.uk
local.ldap.username = cn=cheese,ou=is,o=tasty
local.ldap.password = NOM
local.sql.server = sql.soas.ac.uk
local.sql.username = radius-username
local.sql.password = oh-so-very-secret
local.cert.password = omg-do-not-tell-anyones
[snipped]
$INCLUDE ${confdir}/LOCAL/templates.conf
$INCLUDE ${confdir}/LOCAL/policy.conf
$INCLUDE ${confdir}/LOCAL/proxy.conf
$INCLUDE ${confdir}/LOCAL/clients/
----
Cheers
--
Alexander Clouter
.sigmonster says: Riches cover a multitude of woes.
-- Menander
More information about the Freeradius-Users
mailing list