API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Feb 15th, 2016
125
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 9.56 KB | None | 0 0
raw download clone embed print report
  1. ##
  2. ## /netup/utm5/radius5.cfg
  3. ## UTM5 RADIUS server configuration file
  4. ##
  5.  
  6. ## =============================================================================
  7. ## MAIN RADIUS SERVER PARAMETERS
  8. ## =============================================================================
  9.  
  10. ## core_host
  11. ## Description: IP address of a host running the utm5_core
  12. ## Possible values: an IP address
  13. ## Required field.
  14. core_host=127.0.0.1
  15.  
  16. ## core_port
  17. ## Description: UTM5 core listening port. Equal to stream_bind_port parameter
  18. ## in utm5.cfg.
  19. ## Possible values: an integer from 1 to 65534
  20. ## Required field.
  21. core_port=12758
  22.  
  23. ## radius_login
  24. ## Description: A system user login to access the UTM5 core.
  25. ## Possible values: <string>
  26. ## Default value: radius
  27.  
  28. ## radius_password
  29. ## Description: A system user password to access the UTM5 core.
  30. ## Possible values: <string>
  31. ## Default value: radius
  32.  
  33. ## radius_ssl_type
  34. ## Description: SSL connection type. If 'none' is set, the connection
  35. ## is unencrypted.
  36. ## Possible values: tls1, ssl3, none
  37. ## Default value: none
  38. #radius_ssl_type=none
  39.  
  40. ## radius_acct_host
  41. ## Description: IP address of the host receiving Accounting-Requests.
  42. ## Possible values: interface IP address or 0.0.0.0
  43. ## Default value: 0.0.0.0
  44.  
  45. ## radius_acct_port
  46. ## Description: Port of the host receiving Accounting-Requests.
  47. ## Possible values: an integer from 1 to 65534
  48. ## Default value: 1813
  49.  
  50. ## radius_auth_host
  51. ## Description: IP address of the host receiving Access-Requests.
  52. ## Possible values: interface IP address or 0.0.0.0
  53. ## Default value: 0.0.0.0
  54.  
  55. ## radius_auth_port
  56. ## Description: Port of the host receiving Access-Requests.
  57. ## Possible values: an integer from 1 to 65534
  58. ## Default value: 1812
  59.  
  60. ## radius_auth_mppe
  61. ## Description: Enables MPPE 128 bit key generation used for authorization
  62. ## via MS-CHAP-v2 protocol.
  63. ## Possible values: enable
  64. ## Default value: the keys are not generated
  65.  
  66.  
  67. ## radius_auth_vap
  68. ## Description: If the value is set, authorization of blocked users, whose
  69. ## logins are set in IP traffic service link, is disallowed.
  70. ## Possible values: 1
  71. ## Default value: authorization is allowed
  72.  
  73. ## radius_ippool_acct_timeout
  74. ## Description: A time interval during which the IP address is labeled as
  75. ## occupied after sending Access-Accept.
  76. ## Possible values: time in seconds
  77. ## Default value: 30
  78.  
  79. ## radius_ippool_timeout
  80. ## Description: A time interval during which the IP address is labeled as
  81. ## occupied after receiving Accounting-Start.
  82. ## Possible values: time in seconds
  83. ## Default value: The address is labeled as occupied until coming of the
  84. ## Stop packet
  85.  
  86. ## radius_auth_null
  87. ## Description: If enabled, the RADIUS server authorizes requests without
  88. ## User-Password(2) attribute, if the user's password, defined in the
  89. ## service link, is empty.
  90. ## Possible values: yes, enable
  91. ## Default value: authorization without a password is not performed
  92. #radius_auth_null=yes
  93.  
  94. ## radius_auth_h323_remote_address
  95. ## Description: If enabled, then telephone calls authentication is performed
  96. ## using h323-remote-address(9;23) attribute value, but not using
  97. ## User-Name(1) attribute. The attribute value is used as a login.
  98. ## Possible values: enable, on, yes
  99. ## Default value: replacement of login with h323-remote-address is not
  100. ## performed
  101.  
  102. ## radius_nas_port_vpn
  103. ## Description: This parameter is checked against NAS-Port-Type(61) attribute
  104. ## value when connecting using the login specified in the IP traffic service
  105. ## link. Several values can be set.
  106. ## Possible values: a positive integer
  107. ## Default value: Checking against NAS-Port-Type for the IP traffic service
  108. ## link is not performed
  109.  
  110. ## radius_nas_port_dialup
  111. ## Description: This parameter is checked against NAS-Port-Type(61) attribute
  112. ## value when connecting using the login specified in the Dial-up service
  113. ## link. Several values can be set.
  114. ## Possible values: a positive integer
  115. ## Default value: checking against NAS-Port-Type for the Dial-up service link
  116. ## is not performed
  117.  
  118. ## radius_nas_port_tel
  119. ## Description: This parameter is checked against NAS-Port-Type(61) attribute
  120. ## value when connecting using the login specified in the Telephony service
  121. ## link. Several values can be set.
  122. ## Possible values: a positive integer
  123. ## Default value: checking against NAS-Port-Type for the Telephony service
  124. ## link is not performed
  125.  
  126. ## radius_card_autoadd
  127. ## Description: If 'yes' is set, the automatic registration of users is
  128. ## enabled via the RADIUS server using prepaid cards. In this case in the
  129. ## Login field a user enters the card number and in the Password field - the
  130. ## PIN code. In case of the Telephony service, in the Login field it is
  131. ## entered the PIN code or its first part and the remainder is used as a
  132. ## password.
  133.  
  134. ## Possible values: yes, on, enable
  135. ## Default value: automatic registration is not performed
  136. radius_card_autoadd=no
  137.  
  138. ## send_xpgk_ep_number
  139. ## Description: If this option is enabled, for the Telephony service, when a
  140. ## user is being authorized, in Access-Accept it is transmitted the
  141. ## Cisco-AVPair(9;1) attribute with the value:
  142. ## xpgk-ep-number=<a semicolon separated list of telephone numbers>.
  143. ## Possible values: <any>
  144. ## Default value: telephone numbers are not transmitted in affirmative replies
  145. ## to authorization requests
  146.  
  147. ## send_h323_ivr_in
  148. ## Description: If this option is enabled, for the Telephony service, when a
  149. ## user is being authorized, in Access-Accept it is transmitted the
  150. ## Cisco-AVPair(9;1) attribute with the value: h323-ivr-in=terminal-alias:
  151. ## <a semicolon separated list of telephone numbers>.
  152. ## Possible values: <any>
  153. ## Default value: telephone numbers are not transmitted in affirmative replies
  154. ## to authorization requests
  155.  
  156. ## enable_fast_telephony
  157. ## Description: This option enables the rapid mechanism for determination of
  158. ## directions and zones when rating telephone calls. In this case templates
  159. ## for telephone directions must contain the digits from 0 to 9 and the
  160. ## symbols: ^ $ + )( |.
  161. ## Possible values: enable, yes
  162. ## Default value: the default mechanism for determination of zone/direction
  163. ## is used
  164.  
  165. ## h323_origin_reject
  166. ## Description: Sets zero cost for Accounting-Requests in which the
  167. ## h323-call-origin(9;26) attribute equals the value of this parameter.
  168. ## Possible values: <string>
  169. ## Default value: unset
  170. #h323_origin_reject=originate {answer|callback|etc}
  171.  
  172. ## interim_update_interval
  173. ## Description: Enables session control mechanism using Interim-Update
  174. ## packets. The value is transmitted in the Acct-Interim-Interval(85)
  175. ## attribute of the Access-Accept packet.
  176. ## Possible values: time in seconds, more than 61
  177. ## Default value: the default session closure control mechanism is used
  178. interim_update_interval=62
  179.  
  180. ## radius_default_session_timeout
  181. ## Description: A value of the Session-Timeout(27) attribute transmitted in
  182. ## Access-Accept for the IP traffic service link.
  183. ## Possible values: a positive integer
  184. ## Default value: 86400
  185.  
  186. ## radius_callback_avpair_enable
  187. ## Description: Enables transmission of the Cisco-AVPair(9;1) attribute with
  188. ## the value lcp:callback-dialstring=<callback number>, where
  189. ## <callback number> is the part of the login from the beginning to the
  190. ## ':'-symbol.
  191. ## Possible values: <any>
  192. ## Default value: unset
  193.  
  194. ## radius_acct_rewrite_login_answer
  195. ## Description: If the value of the h323-call-origin(9;26) attribute is
  196. ## 'originate', then setting this parameter enables replacing of the login
  197. ## with the value of the h323-remote-address(9;23) attribute when processing
  198. ## Accounting-Request packets.
  199. ## Possible values: enable, on, true
  200. ## Default value: unset
  201.  
  202. ## radius_acct_rewrite_login_originate
  203. ## Description: If the value of the h323-call-origin(9;26) attribute is
  204. ## 'answer', then setting this parameter enables replacing of the login with
  205. ## the value of the h323-remote-address(9;23) attribute when processing
  206. ## Accounting-Request packets.
  207. ## Possible values: enable, on, true
  208. ## Default value: unset
  209.  
  210. ## =============================================================================
  211. ## LOGGING (valid if logfile rotation is enabled)
  212. ## =============================================================================
  213.  
  214. log_level=3
  215. ## Description: Logging level.
  216. ## Possible values: 0, 1, 2, 3
  217. ## Default value: 2
  218.  
  219. ## log_file_main
  220. ## Description: Main logfile path.
  221. ## Possible values: <filename>
  222. ## Default value: STDERR
  223. log_file_main=/netup/utm5/log/radius.log
  224.  
  225. ## log_file_debug
  226. ## Description: Debug logfile path.
  227. ## Possible values: <filename>
  228. ## Default value: STDERR
  229. log_file_debug=/netup/utm5/log/radius.log
  230.  
  231. ## log_file_critical
  232. ## Description: Critical logfile path.
  233. ## Possible values: <filename>
  234. ## Default value: STDERR
  235.  
  236. rotate_logs=enable
  237. ## Description: Enables rotation of logfiles.
  238. ## Possible values: yes, on, enable
  239. ## Default value: rotation is disabled
  240.  
  241. max_logfile_size=100000000
  242. ## Description: Maximum logfile size. When logfile size reaches this limit,
  243. ## a rotation is performed.
  244. ## Possible values: a size in bytes
  245. ## Default value: 2485760
  246.  
  247. max_logfile_count=10
  248. ## Description: Maximum number of logfiles to retain. Valid if logfile rotation
  249. ## is on.
  250. ## Default value: not limited
  251.  
  252. ##radius_card_autoadd=yes
  253. radius_auth_mppe=enable
  254. radius_auth_vap=0
  255. radius_ippool_timeout=0
  256.  
  257. radius_ippool_acct_timeout=0
  258. blocked_pool_name=minus
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!